Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-43581

Summary
Assigner-lenovo
Assigner Org ID-da227ddf-6e25-4b41-b023-0f976dcaca4b
Published At-08 Nov, 2023 | 22:25
Updated At-04 Sep, 2024 | 18:02
Rejected At-
Credits

A buffer overflow was reported in the Update_WMI module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:lenovo
Assigner Org ID:da227ddf-6e25-4b41-b023-0f976dcaca4b
Published At:08 Nov, 2023 | 22:25
Updated At:04 Sep, 2024 | 18:02
Rejected At:
▼CVE Numbering Authority (CNA)

A buffer overflow was reported in the Update_WMI module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

Affected Products
Vendor
Lenovo Group LimitedLenovo
Product
Desktop BIOS
Default Status
unaffected
Versions
Affected
  • various
Problem Types
TypeCWE IDDescription
CWECWE-120CWE-120: Buffer Copy without Checking Size of Input
Type: CWE
CWE ID: CWE-120
Description: CWE-120: Buffer Copy without Checking Size of Input
Metrics
VersionBase scoreBase severityVector
3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Update system firmware to the version (or newer) indicated for your model in the advisory:  https://support.lenovo.com/us/en/product_security/LEN-141775

Configurations
Workarounds
Exploits
Credits
finder
Lenovo thanks Zichuan Li (@Ri7erLi) from Indiana University Bloomington for reporting this vulnerability.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.lenovo.com/us/en/product_security/LEN-141775
N/A
Hyperlink: https://support.lenovo.com/us/en/product_security/LEN-141775
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.lenovo.com/us/en/product_security/LEN-141775
x_transferred
Hyperlink: https://support.lenovo.com/us/en/product_security/LEN-141775
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Vendor
Lenovo Group Limitedlenovo
Product
desktop_bios
CPEs
  • cpe:2.3:a:lenovo:desktop_bios:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • various
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@lenovo.com
Published At:08 Nov, 2023 | 23:15
Updated At:16 Nov, 2023 | 01:42

A buffer overflow was reported in the Update_WMI module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Secondary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Lenovo Group Limited
lenovo
>>ideacentre_c5-14imb05_firmware>>Versions before o4hkt3ca(exclusive)
cpe:2.3:o:lenovo:ideacentre_c5-14imb05_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>ideacentre_c5-14imb05>>-
cpe:2.3:h:lenovo:ideacentre_c5-14imb05:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>ideacentre_3-07ada05_firmware>>Versions before o4fkt39a(exclusive)
cpe:2.3:o:lenovo:ideacentre_3-07ada05_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>ideacentre_3-07ada05>>-
cpe:2.3:h:lenovo:ideacentre_3-07ada05:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>ideacentre_3-07imb05_firmware>>Versions before m2vkt21a(exclusive)
cpe:2.3:o:lenovo:ideacentre_3-07imb05_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>ideacentre_3-07imb05>>-
cpe:2.3:h:lenovo:ideacentre_3-07imb05:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>ideacentre_5_14iab7_firmware>>Versions before m42kt46a(exclusive)
cpe:2.3:o:lenovo:ideacentre_5_14iab7_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>ideacentre_5_14iab7>>-
cpe:2.3:h:lenovo:ideacentre_5_14iab7:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>ideacentre_5_14irb8_firmware>>Versions before m4ukt36a(exclusive)
cpe:2.3:o:lenovo:ideacentre_5_14irb8_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>ideacentre_5_14irb8>>-
cpe:2.3:h:lenovo:ideacentre_5_14irb8:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>ideacentre_5-14acn6_firmware>>-
cpe:2.3:o:lenovo:ideacentre_5-14acn6_firmware:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>ideacentre_5-14acn6>>-
cpe:2.3:h:lenovo:ideacentre_5-14acn6:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>ideacentre_t540-15ama_g_firmware>>-
cpe:2.3:o:lenovo:ideacentre_t540-15ama_g_firmware:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>ideacentre_t540-15ama_g>>-
cpe:2.3:h:lenovo:ideacentre_t540-15ama_g:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_70t_gen_3_firmware>>Versions before m40kt45a(exclusive)
cpe:2.3:o:lenovo:thinkcentre_neo_70t_gen_3_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_70t_gen_3>>-
cpe:2.3:h:lenovo:thinkcentre_neo_70t_gen_3:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_50t_gen_3_firmware>>Versions before m42kt46a(exclusive)
cpe:2.3:o:lenovo:thinkcentre_neo_50t_gen_3_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_50t_gen_3>>-
cpe:2.3:h:lenovo:thinkcentre_neo_50t_gen_3:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_50a_24_gen_4_firmware>>Versions before o5xkt18a(exclusive)
cpe:2.3:o:lenovo:thinkcentre_neo_50a_24_gen_4_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_50a_24_gen_4>>-
cpe:2.3:h:lenovo:thinkcentre_neo_50a_24_gen_4:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_50a_24_gen_3_firmware>>Versions before o5rkt41a(exclusive)
cpe:2.3:o:lenovo:thinkcentre_neo_50a_24_gen_3_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_50a_24_gen_3>>-
cpe:2.3:h:lenovo:thinkcentre_neo_50a_24_gen_3:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_30a_27_gen_4_firmware>>Versions before o5nkt33a(exclusive)
cpe:2.3:o:lenovo:thinkcentre_neo_30a_27_gen_4_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_30a_27_gen_4_firmware>>o5nkt33a
cpe:2.3:o:lenovo:thinkcentre_neo_30a_27_gen_4_firmware:o5nkt33a:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_30a_27_gen_4>>-
cpe:2.3:h:lenovo:thinkcentre_neo_30a_27_gen_4:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_30a_27_gen_3_firmware>>Versions before o5nkt33a(exclusive)
cpe:2.3:o:lenovo:thinkcentre_neo_30a_27_gen_3_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_30a_27_gen_3>>-
cpe:2.3:h:lenovo:thinkcentre_neo_30a_27_gen_3:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_30a_24_gen_4_firmware>>Versions before o5nkt33a(exclusive)
cpe:2.3:o:lenovo:thinkcentre_neo_30a_24_gen_4_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_30a_24_gen_4>>-
cpe:2.3:h:lenovo:thinkcentre_neo_30a_24_gen_4:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_30a_24_gen_3_firmware>>Versions before o5nkt33a(exclusive)
cpe:2.3:o:lenovo:thinkcentre_neo_30a_24_gen_3_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_30a_24_gen_3>>-
cpe:2.3:h:lenovo:thinkcentre_neo_30a_24_gen_3:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_30a_22_gen_4_firmware>>Versions before o5nkt33a(exclusive)
cpe:2.3:o:lenovo:thinkcentre_neo_30a_22_gen_4_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_30a_22_gen_4>>-
cpe:2.3:h:lenovo:thinkcentre_neo_30a_22_gen_4:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_30a_22_gen_3_firmware>>Versions before o5nkt33a(exclusive)
cpe:2.3:o:lenovo:thinkcentre_neo_30a_22_gen_3_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_neo_30a_22_gen_3>>-
cpe:2.3:h:lenovo:thinkcentre_neo_30a_22_gen_3:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_m920z_all-in-one_firmware>>Versions before m1mkt56a(exclusive)
cpe:2.3:o:lenovo:thinkcentre_m920z_all-in-one_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_m920z_all-in-one>>-
cpe:2.3:h:lenovo:thinkcentre_m920z_all-in-one:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_m90t_gen_3_firmware>>Versions before m40kt45a(exclusive)
cpe:2.3:o:lenovo:thinkcentre_m90t_gen_3_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_m90t_gen_3>>-
cpe:2.3:h:lenovo:thinkcentre_m90t_gen_3:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_m90t_firmware>>Versions before m2tkt55a(exclusive)
cpe:2.3:o:lenovo:thinkcentre_m90t_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_m90t>>-
cpe:2.3:h:lenovo:thinkcentre_m90t:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_m90s_gen_3_firmware>>Versions before m40kt45a(exclusive)
cpe:2.3:o:lenovo:thinkcentre_m90s_gen_3_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_m90s_gen_3>>-
cpe:2.3:h:lenovo:thinkcentre_m90s_gen_3:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_m90s_firmware>>Versions before m2tkt55a(exclusive)
cpe:2.3:o:lenovo:thinkcentre_m90s_firmware:*:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_m90s>>-
cpe:2.3:h:lenovo:thinkcentre_m90s:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_m90q_tiny_firmware>>-
cpe:2.3:o:lenovo:thinkcentre_m90q_tiny_firmware:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_m90q_tiny>>-
cpe:2.3:h:lenovo:thinkcentre_m90q_tiny:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_m90q_gen_3_firmware>>-
cpe:2.3:o:lenovo:thinkcentre_m90q_gen_3_firmware:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_m90q_gen_3>>-
cpe:2.3:h:lenovo:thinkcentre_m90q_gen_3:-:*:*:*:*:*:*:*
Lenovo Group Limited
lenovo
>>thinkcentre_m90q_gen_2_firmware>>-
cpe:2.3:o:lenovo:thinkcentre_m90q_gen_2_firmware:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Primarypsirt@lenovo.com
CWE ID: CWE-120
Type: Primary
Source: psirt@lenovo.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://support.lenovo.com/us/en/product_security/LEN-141775psirt@lenovo.com
Vendor Advisory
Hyperlink: https://support.lenovo.com/us/en/product_security/LEN-141775
Source: psirt@lenovo.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

151Records found
CVE-2026-0940
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-8.4||HIGH
EPSS-0.02% / 5.19%
||
7 Day CHG~0.00%
Published-11 Mar, 2026 | 20:21
Updated-13 Mar, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential improper initialization vulnerability was reported in the BIOS of some ThinkPads that could allow a local privileged user to modify data and execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-ThinkPad Z13 Gen 1 BIOSThinkPad T14 Gen 5 BIOSThinkPad Z13 Gen 2 BIOSThinkPad Z16 Gen 2 BIOSThinkPad P14s Gen 5 BIOSThinkPad P16v Gen 1 BIOSThinkPad P15v Gen 3 BIOSThinkPad Z16 Gen 1 BIOS
CWE ID-CWE-665
Improper Initialization
CVE-2024-4550
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 9.65%
||
7 Day CHG~0.00%
Published-13 Sep, 2024 | 17:26
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential buffer overflow vulnerability was reported in some Lenovo ThinkSystem and ThinkStation products that could allow a local attacker with elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-P360 Workstation (ThinkStation) BIOSST58 V2 (ThinkSystem) BIOSST50 (ThinkSystem) BIOSST58 (ThinkSystem) BIOSST50 V2 (ThinkSystem) BIOSthinksystem_st50_v2_firmwarethinkstation_p360_workstation_firmwarethinksystem_st58_v2_firmwarethinksystem_st58_firmwarethinksystem_st50_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-45105
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 23.53%
||
7 Day CHG~0.00%
Published-13 Sep, 2024 | 17:29
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-VX650 V3 DPU Integrated System (ThinkAgile) BIOSST258 V3 (ThinkSystem) BIOSHX2330 Appliance (ThinkAgile) BIOSSR665 V3 (ThinkSystem) BIOSMX3330-H Hybrid Appliance (ThinkAgile) BIOSMX3330-F All-flash Appliance (ThinkAgile) BIOSSR250 V3 (ThinkSystem) BIOSVX665 V3 Certified Node (ThinkAgile) BIOSVX650 V3 DPU SAP HANA Certified Node (ThinkAgile) BIOSHX630 V3 Certified Node (ThinkAgile) BIOSMX3531-F All-flash Certified node (ThinkAgile) BIOSSD650-N V2 (ThinkSystem) BIOSHX630 V3 Integrated System (ThinkAgile) BIOSSR250 V2 (ThinkSystem) BIOSVX635 V3 Certified Node (ThinkAgile) BIOSSR665 (ThinkSystem) BIOSHX665 V3 Integrated System (ThinkAgile) BIOSSN550 V2 (ThinkSystem) BIOSVX655 V3 Certified Node (ThinkAgile) BIOSST250 V3 (ThinkSystem) BIOSSR950 V3 (ThinkSystem) BIOSMX3530-H Hybrid Appliance (ThinkAgile) BIOSVX3331 Certified Node (ThinkAgile) BIOSMX630 V3 Certified Node (ThinkAgile) BIOSSR650 V2 (ThinkSystem) BIOSSE455 V3 (ThinkEdge) BIOSVX650 V3 Integrated System (ThinkAgile) BIOSVX7330 Appliance (Thinkagile) BIOSHX7531 Node SAP HANA (ThinkAgile) BIOSSR630 V2 (ThinkSystem) BIOSSR850 V3 (ThinkSystem) BIOSMX650 v3 Integrated System (ThinkAgile) BIOSSR258 V2 (ThinkSystem) BIOSVX5530 Appliance (ThinkAgile) BIOSSR670 V2 (ThinkSystem) BIOSHX7530 Appl for SAP HANA (ThinkAgile) BIOSVX3530-G Appliance (ThinkAgile) BIOSHX3330 Appliance (ThinkAgile) BIOSVX3330 Appliance (ThinkAgile) BIOSVX645 V3 Integrated System (ThinkAgile) BIOSHX3331 Node SAP HANA (ThinkAgile) BIOSSE350 V2 (ThinkEdge) BIOSST650 V2 (ThinkSystem) BIOSVX2330 Appliance (ThinkAgile) BIOSSR860 V2 (ThinkSystem) BIOSSD530 V3 (ThinkSystem) BIOSHX7531 Certified Node (ThinkAgile) BIOSHX3331 Certified Node (ThinkAgile) BIOSSR850 V2 (ThinkSystem) BIOSSE450 (ThinkEdge) BIOSMX3331-F All-flash Certified node (ThinkAgile) BIOSST658 V2 (ThinkSystem) BIOSSR635 V3 (ThinkSystem) BIOSSR675 V3 (ThinkSystem) BIOSSD665 V3 (ThinkSystem) BIOSHX650 V3 Integrated System (ThinkAgile) BIOSHX650 V3 Certified Node (ThinkAgile) BIOSVX650 V3 DPU Certified Node (ThinkAgile) BIOSVX630 V3 Certified Node (ThinkAgile) BIOSMX3331-H Hybrid Certified node (ThinkAgile) BIOSSD550 V3 (ThinkSystem) BIOSSR655 V3 (ThinkSystem) BIOSST250 V2 (ThinkSystem) BIOSVX7531 Certified Node (ThinkAgile) BIOSVX650 V3 Certified Node (ThinkAgile) BIOSHX5531 Certified Node (ThinkAgile) BIOSVX650 V3 SAP HANA Certified Node (ThinkAgile) BIOSST258 V2 (ThinkSystem) BIOSSR258 V3 (ThinkSystem) BIOSHX665 V3 Certified Node (ThinkAgile) BIOSHX645 V3 Integrated System (ThinkAgile) BIOSMX630 V3 Integrated System (ThinkAgile) BIOSHX3376 Certified Node (ThinkAgile) BIOSHX665 V3 Storage Integrated Node (ThinkAgile) BIOSSD650 V2 (ThinkSystem) BIOSSE360 V2 (ThinkEdge) BIOSST650 V3 (ThinkSystem) BIOSSR645 (ThinkSystem) BIOSSD650 V3 (ThinkSystem) BIOSSR860 V3 (ThinkSystem) BIOSVX655 V3 Integrated System (ThinkAgile) BIOSVX665 V3 Integrated System (ThinkAgile) BIOSSD630 V2 (ThinkSystem) BIOSHX3375 Appliance (ThinkAgile) BIOSHX645 V3 Certified Node (ThinkAgile) BIOSHX1331 Certified Node (ThinkAgile) BIOSVX645 V3 Certified Node (ThinkAgile) BIOSHX665 V3 Storage Certified Node (ThinkAgile) BIOSSR630 V3 (ThinkSystem) BIOSSR650 V3 (ThinkSystem) BIOSHX2331 Certified Node (ThinkAgile) BIOSMX3531 H Hybrid Certified node (ThinkAgile) BIOSVX635 V3 Integrated System (ThinkAgile) BIOSMX650 V3 Certified Node (ThinkAgile) BIOSVX7530 Appliance (ThinkAgile) BIOSST658 V3 (ThinkSystem) BIOSHX5530 Appliance (ThinkAgile) BIOSMX3530 F All flash Appliance (ThinkAgile) BIOSSR645 V3 (ThinkSystem) BIOSthinkedge_se455_v3_firmwarethinkagile_hx3375_firmwarethinksystem_sr850_v2_firmwarethinksystem_sd630_v2_firmwarethinksystem_sd665_v3_firmwarethinkagile_hx645_v3_integrated_system_firmwarethinksystem_sd530_v3_firmwarethinksystem_sd650_v3_firmwarethinkedge_se350_v2_firmwarethinksystem_sr850_v3_firmwarethinksystem_sr950_v3_firmwarethinkedge_se450__firmwarethinkagile_hx650_v3_firmwarethinksystem_st250_v3_firmwarethinksystem_sr250_v2_firmwarethinkagile_hx5530_firmware
CWE ID-CWE-825
Expired Pointer Dereference
CVE-2025-6249
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-8.4||HIGH
EPSS-0.02% / 4.89%
||
7 Day CHG~0.00%
Published-17 Jul, 2025 | 19:20
Updated-17 Jul, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authentication bypass vulnerability was reported in FileZ client application that could allow a local attacker with elevated permissions access to application data.

Action-Not Available
Vendor-Lenovo Group Limited
Product-FileZ Client
CWE ID-CWE-602
Client-Side Enforcement of Server-Side Security
CVE-2024-3100
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 28.26%
||
7 Day CHG~0.00%
Published-13 Sep, 2024 | 17:26
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential buffer overflow vulnerability was reported in some Lenovo Notebook products that could allow a local attacker with elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-IdeaPad 3 15ABA7 Laptop BIOSIdeaPad 3-17ALC6 Laptop BIOSIdeaPad Flex 5 14ALC7 Laptop BIOSLenovo V15 G3 ABA Laptop BIOSLenovo Flex 7 14IRU8 BIOSIdeaPad Flex 5 14ABR8 BIOSIdeaPad Slim 3 16ABR8 BIOSLenovo V14 G4 ABP BIOSIdeaPad 1-14IGL05 Laptop BIOS300w Yoga Gen 4 Laptop (Lenovo) BIOSIdeaPad Flex 5 16ALC7 BIOSLenovo V14 G4 AMN BIOS13w Yoga Gen 2 (Type 82YR, 82YS) Laptop (Lenovo) BIOSLenovo V15 G4 ABP BIOS500w Yoga Gen 4 Laptop (Lenovo) BIOSFlex 5-15ITL05 Laptop (ideapad) BIOSIdeaPad Slim 3 15ABR8 BIOS14W Gen 2 Laptop (Lenovo) BIOSThinkBook 14 G6 IRL BIOSIdeaPad Flex 5 16IRU8 BIOSV15 G2-ALC Laptop (Lenovo) BIOS100w Gen 4 Laptop (Lenovo) BIOSIdeaPad Flex 5 14IAU7 Laptop BIOSIdeaPad 3-15ALC6 Laptop BIOSIdeaPad Slim 3 14ABR8 BIOSFlex 5-14ITL05 Laptop (ideapad) BIOSideapad 5-15ALC05 Laptop BIOSLenovo V15 G4 AMN BIOSYoga Slim 7 Pro-14ACH5 Laptop (ideapad) BIOSYoga Slim 7 Pro-14ACH5 O Laptop (ideapad) BIOSIdeaPad Flex 5 14IRU8 BIOSLenovo Flex 7 14IAU7 BIOSIdeaPad Slim 3 15AMN8 BIOSIdeaPad Flex 5 16IAU7 BIOSThinkBook 16 G6 IRL BIOSIdeaPad Slim 5 Light 14ABR8 BIOS100w Gen 3 Laptop (Lenovo) BIOSThinkBook 13s G4 ARB BIOSIdeaPad Slim 3 14AMN8 BIOSIdeaPad 1 15ALC7 Laptop BIOSThinkBook 13s G4 IAP BIOSIdeaPad 1-11IGL05 Laptop BIOSThinkBook 14 G6 ABP BIOSThinkBook 16 G6 ABP BIOSLenovo V14 G3 ABA Laptop BIOSIdeaPad 3 14ABA7 Laptop BIOS300w Gen 3 Laptop (Lenovo) BIOSIdeaPad 1 14ALC7 Laptop BIOSIdeaPad 3 17ABA7 Laptop BIOSK14 G2 IRU BIOSV14 G2-ALC Laptop (Lenovo) BIOS13w Yoga (Type 82S1, 82S2) Laptop (Lenovo) BIOSThinkBook 13x G2 IAP Laptop BIOSIdeaPad Flex 5 16ABR8 BIOSIdeaPad 3-14ALC6 Laptop BIOSv15_g4_abp_firmwareideapad_slim_5_light_14abr8_firmwareyoga_slim_7_pro-14ach5_o_firmwareflex_5-14itl05_firmwareideapad_slim_3_15amn8_firmwareideapad_3-17alc6_firmwarek14_g2_iru_firmware500w_yoga_gen_4_firmware13w_yoga_gen_2_firmwareideapad_flex_5_16iau7_firmware14w_gen_2_firmwareideapad_1-11igl05_firmwarethinkbook_16_g6_abp_firmwareideapad_slim_3_16abr8_firmwarethinkbook_13s_g4_iap_firmwarethinkbook_13x_g2_iap_firmware13w_yoga_firmwareideapad_flex_5_14alc7_firmware100w_gen_3_firmwareideapad_flex_5_16iru8_firmwareideapad_1_15alc7_firmwareideapad_5-15alc05_firmwareideapad_flex_5_16abr8_firmwarethinkbook_13s_g4_arb_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-23593
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 13.19%
||
7 Day CHG~0.00%
Published-15 Apr, 2024 | 18:01
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to modify the boot manager and escalate privileges.

Action-Not Available
Vendor-Lenovo Group Limited
Product-Windows 7 and 8 PC Preloads
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2025-4657
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-8.4||HIGH
EPSS-0.03% / 7.61%
||
7 Day CHG~0.00%
Published-17 Jul, 2025 | 19:22
Updated-17 Jul, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability was reported in the Lenovo Protection Driver, prior to version 5.1.1110.4231, used in Lenovo PC Manager, Lenovo Browser, and Lenovo App Store could allow a local attacker with elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-App StorePC ManagerBrowser
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-5912
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 6.54%
||
7 Day CHG~0.00%
Published-05 Apr, 2024 | 20:45
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential memory leakage vulnerability was reported in some Lenovo Notebook products that may allow a local attacker with elevated privileges to write to NVRAM variables.

Action-Not Available
Vendor-Lenovo Group Limited
Product-Notebook BIOSnotebook
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-5078
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.38%
||
7 Day CHG~0.00%
Published-08 Nov, 2023 | 22:02
Updated-16 Sep, 2024 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkpad_s2_gen_8_firmwarethinkpad_l14_gen_4thinkpad_p14s_gen_3thinkpad_s2_yoga_gen_7thinkpad_s2_gen_8thinkpad_s2_yoga_gen_8thinkpad_s2_yoga_gen_6_firmwarethinkpad_l14_gen_3thinkpad_l13_gen_4_firmwarethinkpad_l13_yoga_gen_3_firmwarethinkpad_l15_gen_3thinkpad_l13_yoga_gen_2thinkpad_p14s_gen_3_firmwarethinkpad_l14_gen_4_firmwarethinkpad_s2_yoga_gen_8_firmwarethinkpad_l13_gen_3thinkpad_t16_gen_1_firmwarethinkpad_t14_gen_3thinkpad_l13_yoga_gen_4thinkpad_l14_gen_3_firmwarethinkpad_l15_gen_3_firmwarethinkpad_l15_gen_4_firmwarethinkpad_l13_gen_4thinkpad_l13_yoga_gen_4_firmwarethinkpad_l13_yoga_gen_2_firmwarethinkpad_x13_gen_3_firmwarethinkpad_t14s_gen_3thinkpad_s2_yoga_gen_6thinkpad_l13_gen_2_firmwarethinkpad_l13_gen_3_firmwarethinkpad_t16_gen_1thinkpad_l13_gen_2thinkpad_p16s_gen_1thinkpad_l13_yoga_gen_3thinkpad_t14_gen_3_firmwarethinkpad_l15_gen_4thinkpad_s2_yoga_gen_7_firmwarethinkpad_t14s_gen_3_firmwarethinkpad_p16s_gen_1_firmwarethinkpad_x13_gen_3ThinkPad BIOSthinkpad
CWE ID-CWE-1419
Incorrect Initialization of Resource
CVE-2023-43570
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 14.43%
||
7 Day CHG~0.00%
Published-08 Nov, 2023 | 22:07
Updated-12 Sep, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability was reported in the SMI callback function of the OemSmi driver that may allow a local attacker with elevated permissions to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkcentre_m70q_firmwarethinkcentre_m80t_gen_3ideacentre_aio_3-27itl6_firmwarethinkstation_p340_workstationthinkcentre_m70s_firmwarethinkcentre_m90q_gen_2thinkcentre_m70t_gen_3thinkcentre_m90q_tiny_firmwarethinkcentre_neo_30a_27_gen_3_firmwarethinkcentre_m70a_gen_3ideacentre_g5-14imb05_firmwarethinkstation_p330_workstationthinkcentre_m70qideacentre_5_14iab7_firmwareideacentre_aio_3-24alc6thinkstation_p340_workstation_firmwarev55t_gen_2_13acnloq_17irb8_firmwarethinkcentre_m90q_gen_3ideacentre_5_14irb8_firmwarethinkcentre_neo_30a_27_gen_3thinkcentre_m90t_gen_3_firmwarethinkcentre_m630ethinkcentre_m625qideacentre_aio_3-24imb05_firmwareyoga_aio_7_27arh7_firmwarethinkstation_p520_workstation_firmwareyoga_aio_7-27arh6v50t-13imbthinkstation_p360_workstationthinkcentre_m70a_gen_3_firmwarethinkcentre_m90a_pro_gen_3_firmwareloq_17irb8thinkstation_p350_workstationideacentre_mini_5_01iaq7thinkstation_p520c_workstationthinkstation_p350_workstation_firmwareideacentre_5-14iob6v30a-22itlthinkstation_p330_workstation_2nd_genv50a-24imb_firmwareideacentre_gaming_5_17acn7_firmwarethinkcentre_m70c_firmwarev55t_gen_2_13acn_firmwarethinkcentre_m90tthinkstation_p330_workstation_2nd_gen_firmwarethinkcentre_neo_50a_24_gen_4_firmwarethinkcentre_neo_30a_22_gen_4ideacentre_5-14iob6_firmwarelegion_t7_34irz8_firmwareideacentre_aio_3-22itl6_firmwarethinkcentre_m70s_gen_3_firmwarethinkedge_se30_firmwarethinkcentre_m80q_gen_3_firmwarethinkcentre_m920z_all-in-one_firmwarethinkcentre_neo_30a_27_gen_4legion_t5_26irb8v50a-22imbthinkstation_p350_tiny_workstationv50a-24imbthinkcentre_neo_30a_24_gen_3thinkcentre_m90sthinkstation_p358_workstation_firmwarethinkcentre_m70q_gen_2_firmwarev50s-07imbideacentre_creator_5-14iob6thinkcentre_m90a_gen_3thinkcentre_m75s_gen_2ideacentre_5-14acn6_firmwareideacentre_aio_3-24imb05ideacentre_gaming_5-14acn6thinkcentre_m80tthinkcentre_m70tideacentre_5-14imb05thinkcentre_m90a_gen_2_firmwarethinkcentre_m90a_pro_gen_3thinkcentre_m90a_firmwarethinkcentre_m625q_firmwareyoga_aio_7_27arh7ideacentre_aio_5_24iah7ideacentre_aio_3_21itl7ideacentre_aio_5_27iah7_firmwareideacentre_aio_3-27imb05thinkstation_p348_workstation_firmwareideacentre_aio_3-24itl6_firmwarethinkstation_p920_workstationideacentre_aio_3_22iap7_firmwarethinkstation_p330_workstation_firmwarethinkcentre_m75t_gen_2_firmwarethinkstation_p360_ultra_workstationideacentre_aio_3-22iil5yoga_aio_7-27arh6_firmwareideacentre_aio_5_24iah7_firmwarethinkcentre_neo_70t_gen_3_firmwarethinkcentre_m90a_gen_3_firmwareideacentre_aio_3_24iap7_firmwareideacentre_aio_3-24iil5ideacentre_gaming_5-14iob6thinkcentre_m90q_tinythinkcentre_neo_50t_gen_3thinkcentre_m70t_firmwarelegion_t7-34imz5_firmwareideacentre_mini_5_01iaq7_firmwareideacentre_g5-14imb05thinkcentre_neo_30a_27_gen_4_firmwareideacentre_aio_3-24iil5_firmwareideacentre_t540-15ama_gthinkcentre_neo_70t_gen_3ideacentre_aio_3-22itl6thinkstation_p358_workstationideacentre_aio_3_27iap7_firmwarethinkstation_p350_tiny_workstation_firmwarethinkstation_p360_ultra_workstation_firmwarethinkcentre_m90t_firmwarev30a-24imlthinkcentre_m80sthinkcentre_m70q_gen_2thinkcentre_m75s_gen_2_firmwarelegion_t7-34iaz7thinkcentre_m80q_firmwarelegion_t5_26iab7_firmwarelegion_t5_26iab7ideacentre_aio_3-27itl6thinkcentre_m90s_firmwarethinkcentre_m630e_firmwareideacentre_aio_3-22imb05v50t-13iob_firmwarethinkcentre_neo_30a_22_gen_3_firmwareideacentre_mini_5-01imh05thinkcentre_m80t_gen_3_firmwareideacentre_aio_3_22iap7ideacentre_gaming_5_17acn7ideacentre_aio_3_21itl7_firmwarethinkstation_p340_tiny_workstationthinkcentre_neo_30a_22_gen_3thinkcentre_m90s_gen_3thinkstation_p320_workstationthinkcentre_neo_50t_gen_3_firmwarethinkstation_p348_workstationideacentre_t540-15ama_g_firmwareideacentre_aio_3_27iap7ideacentre_g5-14amr05_firmwarethinkcentre_m75n_firmwarethinkcentre_m80qthinkedge_se30ideacentre_5_14iab7ideacentre_mini_5-01imh05_firmwarelegion_t7_34irz8thinkcentre_m75nthinkstation_p920_workstation_firmwarelegion_t7-34imz5v30a-24iml_firmwarethinkcentre_m70t_gen_3_firmwarethinkstation_p520_workstationv50t-13imh_firmwarethinkcentre_m920z_all-in-onethinkcentre_neo_30a_24_gen_3_firmwarethinkstation_p520c_workstation_firmwareideacentre_3-07ada05thinkcentre_m70cthinkcentre_neo_30a_24_gen_4v50t-13iobthinkstation_p360_tiny_workstation_firmwareideacentre_aio_3-22iil5_firmwarethinkstation_p720_workstationthinkcentre_m75q_gen_2thinkcentre_m90q_gen_3_firmwarethinkcentre_m90athinkcentre_neo_50a_24_gen_4thinkcentre_m80s_gen_3v30a-24itl_firmwareideacentre_aio_3-22imb05_firmwareideacentre_c5-14imb05thinkcentre_m90s_gen_3_firmwarethinkcentre_m70s_gen_3ideacentre_aio_3_24iap7thinkcentre_m90q_gen_2_firmwarethinkcentre_m80q_gen_3v30a-24itlv50a-22imb_firmwarethinkstation_p360_tiny_workstationthinkcentre_m70sthinkcentre_neo_50a_24_gen_3_firmwarev50s-07imb_firmwarev30a-22imlthinkcentre_neo_30a_24_gen_4_firmwareideacentre_aio_3-24itl6ideacentre_c5-14imb05_firmwareideacentre_aio_3-27imb05_firmwarethinkcentre_m80s_gen_3_firmwarelegion_t5_26irb8_firmwarev30a-22iml_firmwareideacentre_3-07ada05_firmwarev30a-22itl_firmwarethinkcentre_m75q_gen_2_firmwarethinkstation_p360_workstation_firmwarethinkstation_p340_tiny_workstation_firmwareideacentre_5-14imb05_firmwarev50t-13imb_firmwareideacentre_gaming_5_17iab7ideacentre_3-07imb05_firmwareideacentre_5_14irb8thinkstation_p720_workstation_firmwareideacentre_g5-14amr05ideacentre_aio_3-24alc6_firmwareideacentre_gaming_5-14iob6_firmwarethinkcentre_m80t_firmwarethinkstation_p320_workstation_firmwarethinkcentre_m90a_gen_2ideacentre_5-14acn6thinkcentre_neo_50a_24_gen_3thinkcentre_neo_30a_22_gen_4_firmwarethinkcentre_m80s_firmwareideacentre_aio_5_27iah7ideacentre_3-07imb05legion_t7-34iaz7_firmwareideacentre_gaming_5_17iab7_firmwareideacentre_gaming_5-14acn6_firmwarethinkcentre_m75t_gen_2ideacentre_creator_5-14iob6_firmwarethinkcentre_m90t_gen_3v50t-13imhDesktop BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2023-25493
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.10%
||
7 Day CHG~0.00%
Published-05 Apr, 2024 | 20:46
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart Edge, Smart Office, and ThinkStation products that could allow a local user with elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-BIOSbios
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2023-25494
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 6.37%
||
7 Day CHG~0.00%
Published-05 Apr, 2024 | 20:46
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability were reported in the BIOS of some Desktop, Smart Edge, and ThinkStation products that could allow a local attacker with elevated privileges to write to NVRAM variables.

Action-Not Available
Vendor-Lenovo Group Limited
Product-Desktop BIOS, Smart Edge BIOS, ThinkStation BIOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-2290
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.4||MEDIUM
EPSS-0.05% / 14.07%
||
7 Day CHG~0.00%
Published-26 Jun, 2023 | 19:44
Updated-03 Dec, 2024 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkpad_t14sthinkpad_x13_yoga_gen_1thinkpad_p17_gen_1thinkpad_e490thinkpad_e590_firmwarethinkpad_thinkpad_r14_gen_2_firmwarethinkpad_t490thinkpad_p16_gen_1thinkpad_p73_firmwarethinkpad_t590thinkpad_x1_extreme_gen_5_firmwarethinkpad_p53thinkpad_x1_carbon_9th_gen_firmwarethinkpad_x1_yoga_5th_genthinkpad_z16_gen_1_firmwarethinkpad_x1_carbon_8th_gen_firmwarethinkpad_x12_detachable_gen_1_firmwarethinkpad_l590thinkpad_p14s_gen_3_firmwarethinkpad_x1_carbon_9th_genthinkpad_t14_gen_3thinkpad_x1_carbon_7th_genthinkpad_x1_extreme_4th_gen_firmwarethinkpad_l15_gen_3_firmwarethinkpad_x1_carbon_7th_gen_firmwarethinkpad_t15p_gen_2_firmwarethinkpad_p15v_gen_3thinkpad_x390_firmwarethinkpad_x13_gen_3_firmwarethinkpad_x1_yoga_6th_genthinkpad_t15p_gen_2thinkpad_e14_gen_4thinkpad_e15_firmwarethinkpad_l13_gen_3_firmwarethinkpad_t14_gen_2_firmwarethinkpad_x13thinkpad_t14s_firmwarethinkpad_p15_gen_2_firmwarethinkpad_t14s_gen_3_firmwarethinkpad_e14_gen_2thinkpad_x390thinkpad_z13_gen_1_firmwarethinkpad_e15_gen_4thinkpad_t15g_gen_1thinkpad_x1_yoga_6th_gen_firmwarethinkpad_p15s_gen_1_firmwarethinkpad_x1_extreme_2nd_genthinkpad_x13_yoga_gen_1_firmwarethinkpad_e14_gen_4_firmwarethinkpad_z13_gen_1thinkpad_l15_gen_2thinkpad_t490_firmwarethinkpad_x390_yoga_firmwarethinkpad_p14s_gen_3thinkpad_p15v_gen_1thinkpad_t15_firmwarethinkpad_t590_firmwarethinkpad_p17_gen_2_firmwarethinkpad_x1_yoga_7th_gen_firmwarethinkpad_t15p_gen_1_firmwarethinkpad_x1_yoga_7th_genthinkpad_l490_firmwarethinkpad_x1_extreme_4th_genthinkpad_thinkpad_r14_gen_4thinkpad_l13_yoga_gen_3_firmwarethinkpad_p1_gen_2_firmwarethinkpad_p15v_gen_2thinkpad_t15g_gen_2_firmwarethinkpad_l13_gen_3thinkpad_x13_firmwarethinkpad_x1_carbon_8th_genthinkpad_x13_gen_2thinkpad_t15p_gen_1thinkpad_l15_gen_2_firmwarethinkpad_t14s_gen_3thinkpad_e590thinkpad_e490sthinkpad_x1_nano_gen_1thinkpad_p15_gen_1_firmwarethinkpad_t15thinkpad_x1_extreme_3rd_gen_firmwarethinkpad_x1_extreme_3rd_genthinkpad_p14s_gen_2_firmwarethinkpad_t15g_gen_1_firmwarethinkpad_x1_nano_gen_2thinkpad_x1_yoga_4th_genthinkpad_p15s_gen_1thinkpad_x13_yoga_gen_3thinkpad_t14s_gen_2thinkpad_x13_gen_3thinkpad_thinkpad_s3_2nd_gen_firmwarethinkpad_e15thinkpad_p53sthinkpad_p17_gen_2thinkpad_e15_gen_4_firmwarethinkpad_t15p_gen_3_firmwarethinkpad_x13_yoga_gen_2thinkpad_t15p_gen_3thinkpad_x390_yogathinkpad_e14thinkpad_l15_gen_3thinkpad_x1_extreme_gen_5thinkpad_t16_gen_1_firmwarethinkpad_p14s_gen_1thinkpad_p43sthinkpad_x1_yoga_4th_gen_firmwarethinkpad_l14_firmwarethinkpad_t490s_firmwarethinkpad_t14_gen_2thinkpad_p14s_gen_1_firmwarethinkpad_t15g_gen_2thinkpad_p1_gen_3thinkpad_p16s_gen_1thinkpad_l13_yoga_gen_3thinkpad_e490s_firmwarethinkpad_thinkpad_r14_gen_4_firmwarethinkpad_x1_titanium_firmwarethinkpad_p1_gen_2thinkpad_x13_yoga_gen_2_firmwarethinkpad_t14s_gen_2_firmwarethinkpad_p1_gen_5thinkpad_thinkpad_s3_2nd_genthinkpad_z16_gen_1thinkpad_x13_gen_2_firmwarethinkpad_e490_firmwarethinkpad_e14_gen_2_firmwarethinkpad_p17_gen_1_firmwarethinkpad_p15s_gen_2_firmwarethinkpad_p53_firmwarethinkpad_t15_gen_2_firmwarethinkpad_x1_nano_gen_2_firmwarethinkpad_p15v_gen_2_firmwarethinkpad_p16_gen_1_firmwarethinkpad_l15_firmwarethinkpad_x12_detachable_gen_1thinkpad_p1_gen_3_firmwarethinkpad_p15_gen_2thinkpad_l490thinkpad_thinkpad_r14_gen_2thinkpad_l14thinkpad_t490sthinkpad_p73thinkpad_l590_firmwarethinkpad_p1_gen_5_firmwarethinkpad_x1_carbon_10th_genthinkpad_e15_gen_2_firmwarethinkpad_x1_extreme_2nd_gen_firmwarethinkpad_e15_gen_2thinkpad_l15thinkpad_t14_gen_1thinkpad_t15_gen_2thinkpad_x1_titaniumthinkpad_t16_gen_1thinkpad_t14_gen_1_firmwarethinkpad_e14_firmwarethinkpad_p1_gen_4_firmwarethinkpad_x1_nano_gen_1_firmwarethinkpad_t14_gen_3_firmwarethinkpad_p14s_gen_2thinkpad_x1_yoga_5th_gen_firmwarethinkpad_p15s_gen_2thinkpad_p53s_firmwarethinkpad_p15v_gen_1_firmwarethinkpad_p15_gen_1thinkpad_x13_yoga_gen_3_firmwarethinkpad_x1_carbon_10th_gen_firmwarethinkpad_p16s_gen_1_firmwarethinkpad_p15v_gen_3_firmwarethinkpad_p43s_firmwarethinkpad_p1_gen_4ThinkPadthinkpad_e14thinkpad_e15thinkpad_e14_gen2thinkpad_e490
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-4210
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.00%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 20:30
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability in the SMI callback function used in the NVME driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkstation_p520_firmwareideacentre_aio_3-27itl6_firmwarethinkcentre_m910zideacentre_aio_3-27itl6ideacentre_aio_3-22ada6ideacentre_aio_3-22ada6_firmwarethinkcentre_m800v410z_firmwarethinkcentre_m900ideacentre_g5-14imb05_firmwarethinkstation_p520thinkcentre_m90a_gen2v50t-13imbthinkcentre_x1thinkcentre_m700thinkcentre_m75n_firmwarethinkstation_p310_firmwarethinkstation_p310thinkedge_se30thinkcentre_m700_firmwarethinkcentre_m810zthinkcentre_m800_firmwarethinkcentre_m75nthinkcentre_m810z_firmwareideacentre_aio_3-22itl6_firmwarethinkedge_se30_firmwarethinkcentre_m70a_firmwareideacentre_aio_3-24ada6_firmwarethinkcentre_m900_firmwarea540-27icbstadia_ggp-120_firmwareideacentre_aio_3-22iil5_firmwarev410zstadia_ggp-120ideacentre_c5-14imb05thinkcentre_m900x_firmwarea540-27icb_firmwareideacentre_5-14imb05thinkcentre_m700_tinyideacentre_aio_3-24itl6thinkstation_p520c_firmwarethinkcentre_m90a_gen2_firmwareideacentre_c5-14imb05_firmwarea540-24icbthinkcentre_m70aideacentre_aio_3-24ada6thinkcentre_m820z_firmwareideacentre_aio_3-24itl6_firmwarev540-24iwl_firmwarea540-24icb_firmwareideacentre_aio_3-22iil5ideacentre_5-14imb05_firmwarev50t-13imb_firmwarethinkcentre_m820zthinkcentre_m900xideacentre_aio_3-24iil5thinkcentre_m910z_firmwareideacentre_aio_3-22itl6ideacentre_g5-14imb05thinkcentre_x1_firmwareideacentre_aio_3-24iil5_firmwarethinkcentre_m700_tiny_firmwarev540-24iwlthinkstation_p520cBIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2021-4212
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.08%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 20:30
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability in the SMI callback function used in the Legacy BIOS mode driver in some Lenovo Notebook models may allow an attacker with local access and elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-ideapad_5_pro-16ihu6_firmwareideapad_gaming_3-15imh05_firmwarel340-17irh_firmwareideapad_5-14alc05ideapad_5-14alc05_firmwarel340-15iwl_touch_firmwareideapad_5_pro-16ihu6ideapad_gaming_3-15ach6legion_y545_firmwareslim_7-14itl05yoga_creator_7-15imh05e41-50_firmwareyoga_6-13alc6_firmwarel340-15iwl_firmwareflex-14imllegion_y545ideapad_5-15itl05_firmwareyoga_slim_7-15imh05yoga_slim_7-15iil05ideapad_3-14are05s540-14imlslim_7-14itl05_firmwarel340-17iwlyoga_creator_7-15imh05_firmwarelegion_y540-15irh-pg0_firmwareideapad_5-15itl05s340-14imllegion_y7000-2019-pg0ideapad_gaming_3-15imh05slim_7-14are05ideapad_3-17are05_firmwarethinkbook_plus_g2_itgideapad_3-15are05s340-13imlideapad_5_pro-14acn6yoga_slim_7-15imh05_firmwareideapad_5-14are05legion_y540-15irh-pg0ideapad_creator_5-15imh05s340-15apis340-15imlideapad_5_pro-14acn6_firmwareyoga_slim_7-14itl05_firmwareyoga_slim_7-15itl05v140-15iwl_firmwares540-14iml_firmwareideapad_gaming_3-15arh05_firmwares540-14iml_touchslim_7-14are05_firmwarelegion_y540-17irh-pg0_firmwareideapad_3-15are05_firmwareyoga_slim_7-14are05slim_7-15imh05d330-10igm_firmwarel340-15iwlideapad_5_pro-14itl6_firmwares340-14api_firmwares340-14apilegion_y540-17irhl340-15irhs340-15iml_firmwarelegion_y7000-2019-pg0_firmwareslim_7-15itl05_firmwarelegion_y545-pg0_firmwarev340-17iwls340-14iml_firmwarelegion_y7000-2019_firmwareideapad_gaming_3-15ach6_firmwareyoga_slim_7-14iil05yoga_slim_7_carbon_13itl5legion_y540-17irh_firmwareslim_7-15iil05yoga_6-13alc6ideapad_3-17are05yoga_slim_7-14iil05_firmwarel340-17iwl_firmwareyoga_slim_7_carbon_13itl5_firmwarec340-15imlideapad_5_pro-14itl6d330-10igmlegion_y540-17irh-pg0flex-15iml_firmwarethinkbook_13x_itgduet_3-10igl5thinkbook_13x_itg_firmwares340-13iml_firmwarev14-areyoga_slim_7-15iil05_firmwares340-15api_touchyoga_slim_7-14are05_firmwareflex-15imll340-15iwl_touchthinkbook_plus_g2_itg_firmwarev14-are_firmwarev340-17iwl_firmwares540-14iml_touch_firmwareideapad_creator_5-15imh05_firmwarec340-15iml_firmwareslim_7-15itl05ideapad_gaming_3-15arh05slim_7-15imh05_firmwareflex-14iml_firmwares340-15api_firmwareduet_3-10igl5_firmwarelegion_y540-15irh_firmwares340-15api_touch_firmwareslim_7-15iil05_firmwarelegion_y7000-2019c340-14imls540-15iml_firmwarethinkbook_14_g3_itl_firmwareyoga_slim_7-15itl05_firmwarelegion_y540-15irhe41-50yoga_slim_7-14itl05ideapad_3-14are05_firmwarec340-14iml_firmwares540-15imlideapad_5-14are05_firmwarev140-15iwll340-15irh_firmwarelegion_y545-pg0l340-17irhthinkbook_14_g3_itlBIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2021-4211
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.00%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 20:30
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability in the SMI callback function used in the SMBIOS event log driver in some Lenovo Desktop, ThinkStation, and ThinkEdge models may allow an attacker with local access and elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-a340-24ickthinkcentre_m90a_\(gen_2\)thinkcentre_m90a_\(gen_2\)_firmwarev30a-24imlthinkcentre_m910xideacentre_aio_3-27itl6_firmwarethinkcentre_m720eideacentre_aio_3-22ada6ideacentre_aio_3-27itl6se30_firmwareideacentre_aio_3-22ada6_firmwarethinkstation_p320a340-22icb_firmwarethinkcentre_m800thinkstation_p320_tinyv410z_firmwareideacentre_510s-07icbthinkcentre_m900thinkcentre_m910sthinkcentre_m710q_firmwarethinkstation_p320_firmwarev520thinkcentre_m710ethinkcentre_m710t_firmwarethinkcentre_m75n_firmwarethinkstation_p310_firmwarethinkcentre_m910qthinkstation_p310thinkcentre_m720e_firmwareideacentre_5-14iob6v530-15icb_firmwareideacentre_510s-07ick_firmwarev530s-07icb_firmwarethinkcentre_m810zthinkcentre_m800_firmwarethinkcentre_m75nthinkcentre_m810z_firmwareideacentre_5-14iob6_firmwarethinkcentre_m710qideacentre_aio_3-22itl6_firmwarethinkcentre_m710tv30a-24iml_firmwarethinkcentre_m70a_firmwarea340-22ickv530-15icrideacentre_aio_3-24ada6_firmwarev530s-07icbthinkcentre_m710e_firmwarethinkcentre_m900_firmwarev530-15icba540-27icbv520s_firmwareideacentre_aio_3-22iil5_firmwareideacentre_510s-07icb_firmwarea340-24ick_firmwarev410zthinkstation_p320_tiny_firmwarea340-24icb_firmwareideacentre_creator_5-14iob6se30thinkcentre_m900x_firmwarea540-27icb_firmwarethinkcentre_m700_tinyv30a-22imlv520_firmwareideacentre_aio_3-24itl6thinkcentre_m710q_\(10yc\)ideacentre_aio_3-24ada6a540-24icbthinkcentre_m70av30a-22iml_firmwarethinkcentre_m820z_firmwareideacentre_aio_3-24itl6_firmwarev530s-07icr_firmwarev540-24iwl_firmwareideacentre_510s-07icka540-24icb_firmwarev530s-07icrthinkcentre_m710s_firmwareideacentre_aio_3-22iil5thinkcentre_m910x_firmwarethinkcentre_m910s_firmwarethinkcentre_m820zthinkcentre_m910t_firmwarev50t-13iob_g2_firmwarev50t-13iob_g2a340-22icbthinkcentre_m710sideacentre_gaming_5-14iob6_firmwarethinkcentre_m900xideacentre_aio_3-24iil5thinkcentre_m710q_\(10yc\)_firmwareideacentre_gaming_5-14iob6v520sideacentre_aio_3-22itl6thinkcentre_m910tv530-15icr_firmwareideacentre_aio_3-24iil5_firmwarethinkcentre_m700_tiny_firmwarethinkcentre_m600_firmwareideacentre_creator_5-14iob6_firmwarea340-24icbv540-24iwlthinkcentre_m600thinkcentre_m910q_firmwarea340-22ick_firmwareBIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2023-45079
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 10.28%
||
7 Day CHG~0.00%
Published-08 Nov, 2023 | 22:32
Updated-04 Sep, 2024 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leakage vulnerability was reported in the NvmramSmm SMM driver that may allow a local attacker with elevated privileges to write to NVRAM variables.

Action-Not Available
Vendor-Lenovo Group Limited
Product-v30a-24imlthinkcentre_m920qthinkcentre_m820z_all-in-one_firmwarethinkcentre_m70q_firmwarethinkcentre_m720s_firmwarethinkcentre_m80sthinkcentre_m75s_gen_2_firmwarethinkcentre_m720t_firmwarethinkcentre_m80q_firmwarethinkcentre_m920q_firmwarethinkstation_p340_workstationthinkcentre_m920sthinkcentre_m90s_firmwarethinkcentre_m630e_firmwarethinkcentre_m70s_firmwarethinkcentre_m90q_tiny_firmwareideacentre_mini_5-01imh05ideacentre_g5-14imb05_firmwarethinkstation_p330_workstationthinkcentre_m720qthinkcentre_m70qthinkstation_p340_workstation_firmwarev55t_gen_2_13acnthinkstation_p330_tiny_workstation_firmwarethinkstation_p340_tiny_workstationthinkstation_p320_workstationthinkcentre_m630ethinkstation_p520_workstation_firmwarethinkcentre_m625qthinkstation_p348_workstationthinkstation_p360_workstationv50t-13imbideacentre_g5-14amr05_firmwarethinkcentre_m75n_firmwarethinkcentre_m80qthinkstation_p350_workstationthinkcentre_m720sideacentre_mini_5_01iaq7thinkstation_p520c_workstationthinkedge_se30thinkstation_p350_workstation_firmwareideacentre_5-14iob6ideacentre_mini_5-01imh05_firmwarethinkstation_p330_workstation_2nd_genv50a-24imb_firmwarethinkcentre_m70c_firmwarethinkcentre_m920t_firmwarev55t_gen_2_13acn_firmwarethinkcentre_m90tthinkstation_p330_workstation_2nd_gen_firmwarethinkcentre_m75nthinkstation_p920_workstation_firmwareideacentre_5-14iob6_firmwarethinkcentre_m920tlegion_t7-34imz5v30a-24iml_firmwarethinkstation_p520_workstationthinkcentre_m70a_firmwarethinkedge_se30_firmwarev50t-13imh_firmwarethinkcentre_m720tthinkcentre_m920z_all-in-onethinkstation_p520c_workstation_firmwareideacentre_3-07ada05thinkcentre_m70cthinkcentre_m920z_all-in-one_firmwarev50a-22imbv50a-24imbthinkcentre_m90sthinkstation_p720_workstationthinkcentre_m75q_gen_2thinkcentre_m90av50s-07imbideacentre_c5-14imb05ideacentre_creator_5-14iob6thinkcentre_m75s_gen_2v50a-22imb_firmwarethinkcentre_m70sthinkcentre_m80tthinkcentre_m70tv50s-07imb_firmwarev30a-22imlthinkcentre_m625q_firmwarethinkcentre_m90a_firmwarethinkcentre_m920s_firmwarethinkcentre_m720q_firmwareideacentre_c5-14imb05_firmwarethinkcentre_m70av30a-22iml_firmwarethinkstation_p348_workstation_firmwarethinkstation_p920_workstationthinkstation_p330_workstation_firmwareideacentre_3-07ada05_firmwarethinkstation_p360_workstation_firmwarethinkcentre_m75t_gen_2_firmwarethinkcentre_m75q_gen_2_firmwarethinkstation_p340_tiny_workstation_firmwarev50t-13imb_firmwareideacentre_3-07imb05_firmwarev50t-13iob_g2_firmwarev50t-13iob_g2thinkstation_p720_workstation_firmwareideacentre_g5-14amr05ideacentre_gaming_5-14iob6_firmwarethinkcentre_m80t_firmwareideacentre_gaming_5-14iob6thinkcentre_m90q_tinylegion_t7-34imz5_firmwarethinkcentre_m70t_firmwareideacentre_g5-14imb05ideacentre_mini_5_01iaq7_firmwarethinkcentre_m920xthinkstation_p320_workstation_firmwarethinkcentre_m80s_firmwareideacentre_3-07imb05thinkcentre_m75t_gen_2ideacentre_creator_5-14iob6_firmwarethinkcentre_m820z_all-in-onev50t-13imhthinkcentre_m920x_firmwarethinkstation_p330_tiny_workstationthinkcentre_m90t_firmwareBIOSbios
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-3972
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-3.21% / 87.05%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 20:30
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability by a driver used during manufacturing process on some consumer Lenovo Notebook devices' BIOS that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.

Action-Not Available
Vendor-Lenovo Group Limited
Product-l340-17irh_firmwareideapad_3-17ada05_firmwarev14_g2-itl_firmwareideapad_3-17itl6legion_5-15ith6hideapad_3-14ada05legion_y545_firmwarelegion_5-15imh6s145-15api_firmwareslim_9-14itl05slim_7_pro-14ihu5legion_y545ideapad_3-17itl6_firmwareyoga_slim_7_pro-14ihu5_olegion_5-17ach6legion_5-15ith6h_firmwarel340-17iwlyoga_c740-14imllegion_5_pro-16ith6legion_5-17ith6hyoga_slim_7_pro-14itl5ideapad_3-17are05_firmwares145-14ast_firmwares145-14iil_firmwarelegion_5-15ach6alegion_5-17ith6_firmwareyoga_slim_9-14itl05_firmwarelegion_y540-15irh-pg0ideapad_3-14igl05_firmwarev14-ada_firmwareideapad_3-14itl05_firmwareyoga_slim_7_pro-14ach5_od_firmwareideapad_3-14iml05_firmwarelegion_5-15imh6_firmwarev140-15iwl_firmwarev14-iilyoga_c940-14iillegion_5_pro-16ach6h_firmwares145-14igmslim_7_pro-14ihu5_firmwarelegion_5-17ach6h_firmwarev15_g1-imlv17-iils540-13iml_firmwareideapad_3-17alc6v14-iil_firmwarelegion_y540-17irhl340-15irhideapad_3-17iml05ideapad_3-17iil05_firmwares540-13api_firmwarev340-17iwlideapad_3-15igl05s145-14igm_firmwareyoga_slim_7_pro-14itl5_firmwares145-15ast_firmwareideapad_5-15are05_firmwareideapad_3-15itl6ideapad_3-15alc6yoga_7-14acn6_firmwareideapad_3-15ada05legion_y540-17irh_firmwareideapad_3-17are05ideapad_3-15ada6legion_5-15ach6legion_7-16ithg6_firmwarelegion_5-15ach6h_firmwareideapad_3-17ada6_firmwareideapad_3-17ada05l3-15itl6_firmwareideapad_3-14iml05yoga_slim_7_pro-14ihu5_o_firmwarev14-ares145-15astyoga_c740-15imls145-15igmv17_g2-itlideapad_3-15iml05s145-15iill340-15iwl_touchlegion_s7-15ach6_firmwareyoga_slim_7_pro-14ach5_firmwareyoga_slim_7_pro-14ach5_oideapad_3-15iil05_firmwarev15_g2-alc_firmwarelegion_5_pro-16ach6legion_y540-15irh_firmwares145-15apiv15_g2-itl_firmwarev14_g1-imllegion_5_pro-16ith6hl340-17irhyoga_slim_7_pro-14ach5_dyoga_slim_7_pro-14ach5ideapad_3-14are05_firmwareideapad_3-14alc6_firmwarelegion_5_pro-16ach6_firmwarev140-15iwllegion_y545-pg0ideapad_3-14igl05l3_15iml05v15-igl_firmwareideapad_gaming_3-15imh05_firmwareideapad_3-15itl05legion_7-16ithg6ideapad_3-15iml05_firmwarelegion_5-17ach6hl340-15iwl_touch_firmwarev15-iillegion_s7-15ach6ideapad_3-15iil05ideapad_3-14ada6ideapad_3-15ada6_firmwareideapad_3-17iml05_firmwarel340-15iwl_firmwarev14-igl_firmwareideapad_3-17ada6legion_5-15ach6a_firmwareyoga_c740-14iml_firmwarev15-ada_firmwareideapad_3-14are05legion_5-17ith6legion_5_pro-16ach6hv14_g2-acllegion_5-17ach6_firmwarelegion_y540-15irh-pg0_firmwareyoga_slim_7_pro-14arh5v15_g2-itlyoga_7-14acn6legion_5-17ith6h_firmwarelegion_5_pro-16ith6h_firmwarelegion_y7000-2019-pg0ideapad_3-14itl6ideapad_gaming_3-15imh05ideapad_3-15are05s540-13imlv15-adas14_g2_itls145-15igm_firmwareideapad_creator_5-15imh05yoga_slim_7_pro-14ach5_odv15_g1-iml_firmwarev15-iglideapad_5-15iil05_firmwarelegion_5-15ith6v17-iil_firmwarev17_g2-itl_firmwareyoga_slim_9-14itl05ideapad_gaming_3-15arh05_firmwarelegion_y540-17irh-pg0_firmwareideapad_3-15are05_firmwareyoga_slim_7_pro-14ach5_d_firmwarel340-15iwlideapad_3-15igl05_firmwareideapad_3-15itl05_firmwareideapad_5-15iil05s145-14api_firmwarelegion_y7000-2019-pg0_firmwarelegion_y545-pg0_firmwareyoga_slim_7_pro-14ach5_o_firmwarev14_g1-iml_firmwarelegion_y7000-2019_firmwareyoga_slim_7_pro-14arh5_firmwares145-14iilideapad_3-14alc6s145-15iil_firmwareslim_9-14itl05_firmwarev14-iglideapad_3-15itl6_firmwarev14_g2-itll340-17iwl_firmwares145-14astv15_g2-alcv15-iil_firmwareyoga_slim_7_pro-14ihu5ideapad_3-14itl6_firmwareideapad_5-15are05legion_y540-17irh-pg0legion_5-15ith6_firmwares14_g2_itl_firmwarel3_15iml05_firmwares145-14apiideapad_3-14ada05_firmwarev14-adav14_g2-acl_firmwareideapad_3-15alc6_firmwarev14-are_firmwareideapad_3-14ada6_firmwarev340-17iwl_firmwareideapad_3-17alc6_firmwareideapad_3-17iil05ideapad_3-15ada05_firmwareideapad_3-14iil05ideapad_3-14iil05_firmwareideapad_creator_5-15imh05_firmwareideapad_gaming_3-15arh05legion_y7000-2019yoga_c940-14iil_firmwareideapad_3-14itl05legion_y540-15irhl3-15itl6legion_5-15ach6_firmwares540-13apilegion_7-16achg6_firmwareyoga_c740-15iml_firmwareyoga_slim_7_pro-14ihu5_firmwarel340-15irh_firmwarelegion_5-15ach6hlegion_5_pro-16ith6_firmwarelegion_7-16achg6Notebook BIOS
CWE ID-CWE-489
Active Debug Code
CVE-2021-3719
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.08%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 22:05
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability in the SMI callback function that saves and restore boot script tables used for resuming from sleep state in some ThinkCentre and ThinkStation models may allow an attacker with local access and elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkcentre_m4500q_firmwarethinkcentre_m8500t\/sthinkcentre_m83thinkcentre_m800thinkcentre_m6500t\/s_firmwarethinkcentre_m900thinkcentre_m818z_firmwarethinkcentre_m73pthinkstation_p900thinkcentre_m900x_firmwarethinkcentre_m93p_firmwarethinkcentre_m93thinkcentre_m818zthinkcentre_m700_tinythinkstation_p500thinkcentre_m8500t\/s_firmwarethinkcentre_m6500t\/sthinkcentre_m93_firmwarethinkcentre_e93_firmwarethinkstation_p700_firmwarethinkcentre_m73p_firmwarethinkcentre_m73thinkcentre_x1thinkstation_p700thinkstation_p900_firmwarethinkcentre_m4500qthinkcentre_m73_firmwarethinkcentre_m93pthinkstation_p500_firmwarethinkcentre_m800_firmwarethinkcentre_e93thinkcentre_m900xthinkcentre_m83_firmwarethinkcentre_x1_firmwarethinkcentre_m700_tiny_firmwarethinkcentre_m600_firmwarethinkstation_p300thinkstation_p300_firmwarethinkcentre_m600thinkcentre_m900_firmwareThinkCentre and ThinkStation BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2021-3452
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.37%
||
7 Day CHG~0.00%
Published-16 Jul, 2021 | 20:30
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability in the system shutdown SMI callback function in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkpad_11e_4th_genthinkpad_x380_yogathinkpad_t460thinkpad_yoga_11e_4th_genthinkpad_13_gen_2thinkpad_yoga_370thinkpad_l15_gen_2thinkpad_e15_gen_2thinkpad_l15thinkpad_l390thinkpad_yoga_11e_3rd_genthinkpad_11e_5th_genthinkpad_l380thinkpad_l14_gen_2thinkpad_l390_yogathinkpad_l13_gen_2thinkpad_11e_3rd_genthinkpad_x260thinkpad_x12_detachable_gen_1thinkpad_e14_gen_2thinkpad_l13_yogathinkpad_l380_yogabiosthinkpad_l13_yogo_gen_2thinkpad_11e_yoga_gen_6thinkpad_l14thinkpad_l13ThinkPad BIOS
CWE ID-CWE-20
Improper Input Validation
CVE-2022-1110
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.65%
||
7 Day CHG~0.00%
Published-18 May, 2022 | 16:10
Updated-02 Aug, 2024 | 23:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in Lenovo Smart Standby Driver prior to version 4.1.50.0 could allow a local attacker to cause denial of service.

Action-Not Available
Vendor-Lenovo Group Limited
Product-smart_standby_driverSmart Standby Driver
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-0636
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-5||MEDIUM
EPSS-0.04% / 12.17%
||
7 Day CHG~0.00%
Published-22 Apr, 2022 | 20:30
Updated-02 Aug, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability was reported in Lenovo Thin Installer prior to version 1.3.0039 that could trigger a system crash.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thin_installerThin Installer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-6192
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-4.4||MEDIUM
EPSS-2.10% / 84.10%
||
7 Day CHG~0.00%
Published-10 Dec, 2019 | 18:05
Updated-17 Sep, 2024 | 04:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a buffer overflow which could cause a denial of service.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkpad_a275thinkpad_e15thinkpad_x1_yoga_gen_2thinkpad_x380_yogathinkpad_a485thinkpad_25thinkpad_s2_yoga_gen_5thinkpad_e490thinkpad_s2_gen_2thinkpad_p53sthinkpad_t480sthinkpad_t570thinkpad_s1_gen_4thinkpad_t490thinkpad_p51sthinkpad_t590thinkpad_x390_yogathinkpad_p53thinkpad_e575thinkpad_e14thinkpad_e570thinkpad_l590thinkpad_p7thinkpad_l570thinkpad_x1_carbon_gen_5thinkpad_p52thinkpad_p43sthinkpad_a475thinkpad_l480thinkpad_e475power_management_driverthinkpad_s5_gen_2thinkpad_x1_yoga_gen_4thinkpad_13_gen_2thinkpad_e495thinkpad_l580thinkpad_x270thinkpad_a285thinkpad_e580thinkpad_p1thinkpad_x1_tablet_gen_2thinkpad_x280thinkpad_x390thinkpad_s3_gen_2thinkpad_p1_gen_2thinkpad_x1_yoga_gen_3thinkpad_r14thinkpad_yoga_370thinkpad_l470thinkpad_x1_carbon_gen_7thinkpad_x395thinkpad_t470thinkpad_l390thinkpad_e570cthinkpad_l380thinkpad_t580thinkpad_l390_yogathinkpad_r480thinkpad_x1_extremethinkpad_e480thinkpad_l490thinkpad_l380_yogathinkpad_p51thinkpad_l13thinkpad_t490sthinkpad_p73thinkpad_e470thinkpad_s2_gen_5thinkpad_x1_tablet_gen_3thinkpad_e590thinkpad_t470sthinkpad_p72thinkpad_t470pthinkpad_e470cthinkpad_e595thinkpad_t495thinkpad_l13_yogathinkpad_t480thinkpad_x1_extreme_2ndthinkpad_p52sthinkpad_x1_carbon_gen_6Power Management driver
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-27908
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-4.9||MEDIUM
EPSS-0.05% / 16.70%
||
7 Day CHG~0.00%
Published-05 Apr, 2024 | 20:46
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in denial of service.

Action-Not Available
Vendor-Lenovo Group Limited
Product-Printers
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2015-5684
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.06% / 88.55%
||
7 Day CHG~0.00%
Published-27 Mar, 2020 | 14:05
Updated-06 Aug, 2024 | 06:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A buffer overflow vulnerability was reported, (fixed and publicly disclosed in 2015) in the Lenovo Service Engine (LSE), affecting various versions of BIOS for Lenovo Notebooks, that could allow a remote user to execute arbitrary code on the system.

Action-Not Available
Vendor-n/aLenovo Group Limited
Product-edge_15_firmwareg50-80_touch_v3000z51-70ideapad_100-15ibyg40-80mz41-70_firmwareflex_2_pro-15s435g50-80mideapad_100-15iby_firmwareu31-70ideapad_100-14ibys21e_firmwarez70-80g40-80u41-70g50-80_touch_v3000_firmwarez41-70flex_3-1120m40-35_firmwareyoga_3_11flex_3-1570_firmwarez51-70_firmwareu41-70_firmwareyoga_3_11_firmwareg50-80_touch_firmwarey40-80_firmwareg50-80_touchyoga_3_14g50-80_firmwares41-70_firmwareyoga_3_14_firmwarez70-80_firmwareedge_15g70-80_firmwarem40-35flex_2_pro-15_firmwareb50-10_firmwareflex_3-1470flex_3-1120_firmwares21eg50-80u31-70_firmwareb50-10ideapad_100-14iby_firmwarey40-80g40-80m_firmwares41-70s435_firmwareg50-80m_firmwareg40-80_firmwareg70-80flex_3-1570flex_3-1470_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-34886
Matching Score-6
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-6
Assigner-Lenovo Group Ltd.
CVSS Score-8.8||HIGH
EPSS-3.79% / 88.09%
||
7 Day CHG~0.00%
Published-27 Oct, 2023 | 18:40
Updated-10 Sep, 2024 | 14:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability was found in the firmware used in some Lenovo printers, which can be caused by a remote user pushing an illegal string to the server-side interface via a script, resulting in a stack overflow.

Action-Not Available
Vendor-Lenovo Group Limited
Product-gm266dns_firmwaregm266dnsg263dns_firmwareg263dnsgm265dngm265dn_firmwarePrinter GM265DN (production date July 2022 and later)Printer GM266DNSPrinter GM265DN (production date June 2022 and before)Printer G263DNSgm266dns_firmwareg263dns_firmwaregm265dn_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-9403
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.85%
||
7 Day CHG~0.00%
Published-04 Dec, 2024 | 23:29
Updated-19 Dec, 2024 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the MTK_FLP_MSG_HAL_DIAG_REPORT_DATA_NTF handler of flp2hal_- interface.c, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege in a privileged process with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroidpixel
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-5164
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.23%
||
7 Day CHG~0.00%
Published-30 Mar, 2026 | 15:02
Updated-01 Apr, 2026 | 14:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request

A flaw was found in virtio-win. The `RhelDoUnMap()` function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. This can cause a system crash, resulting in a Denial of Service (DoS).

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Enterprise Linux 8Red Hat Enterprise Linux 10Red Hat Enterprise Linux 9
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-9386
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 9.58%
||
7 Day CHG~0.00%
Published-05 Dec, 2024 | 22:20
Updated-19 Dec, 2024 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In reboot_block_command of htc reboot_block driver, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-25467
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-5.3||MEDIUM
EPSS-0.02% / 4.17%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:07
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library.

Action-Not Available
Vendor-Google LLCSamsungSamsung Electronics
Product-androidexynos_9830exynos_980exynos_2100Samsung Mobile Devices
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-24153
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.75%
||
7 Day CHG~0.00%
Published-27 Jan, 2025 | 21:45
Updated-02 Apr, 2026 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3. An app with root privileges may be able to execute arbitrary code with kernel privileges.

Action-Not Available
Vendor-Apple Inc.
Product-macosmacOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25469
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-6||MEDIUM
EPSS-0.02% / 5.24%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:07
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution.

Action-Not Available
Vendor-Google LLCSamsungSamsung Electronics
Product-androidexynosSamsung Mobile Devices
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-24022
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 15.31%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 10:32
Updated-25 Oct, 2024 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability in FortiAnalyzer CLI 6.4.5 and below, 6.2.7 and below, 6.0.x and FortiManager CLI 6.4.5 and below, 6.2.7 and below, 6.0.x may allow an authenticated, local attacker to perform a Denial of Service attack by running the `diagnose system geoip-city` command with a large ip value.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortianalyzerfortimanagerFortinet FortiAnalyzer, FortiManager
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-22301
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 9.42%
||
7 Day CHG~0.00%
Published-05 Feb, 2021 | 23:56
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mate 30 10.0.0.203(C00E201R7P2) have a buffer overflow vulnerability. After obtaining the root permission, an attacker can exploit the vulnerability to cause buffer overflow.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-mate_30mate_30_firmwareHUAWEI Mate 30
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-43525
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.52%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-16 Dec, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio

Memory corruption while copying the sound model data from user to kernel buffer during sound model register.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragonsa8255p_firmwaresa8770p_firmwareqam8650p_firmwaresa8775p_firmwarear8035_firmwaresrv1h_firmwaresa9000p_firmwareqca6698aq_firmwaresa8150p_firmwareqfw7114_firmwareqam8255p_firmwareqcn6274_firmwareqca8081_firmwaresa8650p_firmwareqamsrv1m_firmwareqam8295p_firmwaresa6150p_firmwareqam8775p_firmwareqamsrv1h_firmwarefastconnect_7800_firmwareqcn6224_firmwaresa8195p_firmwareqcc710_firmwaresa6155p_firmwaresa6145p_firmwaresrv1m_firmwareqca6574au_firmwaresa8620p_firmwaresa8295p_firmwaresa8145p_firmwareqca6584au_firmwareqfw7124_firmwaresa7255p_firmwareqca6696_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca8337_firmwaresa8155p_firmwarewcd9340_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1931
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.28%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:30
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to improper validation of buffer length while processing fast boot commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwarewcn3991_firmwarewsa8830sd678sa6150p_firmwaresm6250p_firmwaresa8145p_firmwareqcs610qcs2290_firmwarefsm10056qca8337qca6431_firmwarecsrb31024sd_636csra6620fsm10055_firmwareqcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155qca6335sd690_5gsd730_firmwarewcd9370csra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqca6564qcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377sa415mwcn3998sd_8cx_firmwarewcd9371_firmwaresdxr2_5g_firmwarewcd9385_firmwaresm4125sd720gwcd9326_firmwarewcn3950sd662sd710_firmwaresd460_firmwaresa8155qca6320_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwarewcn3999_firmwareqca6420qca6436_firmwareqca6564au_firmwareqca6584ausa6155p_firmwareqca6310sd778gwcn3999sdxr2_5gqcs6125sa8155_firmwaresd662_firmwaresdm630sa415m_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwareqca6421sd778g_firmwaresm6250wcd9340sa8195psdm830_firmwarewsa8810_firmwaresd765gsd765_firmwarefsm10056_firmwareqca6436wcd9326wcd9335sa6155pwcn6851qcs603_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385wcd9341qca6431qca6696_firmwarewcd9371sd750gsd870_firmwarear8035qca6390sd_8cxaqt1000sa8150psd750g_firmwaresm6250_firmwarewcd9375wcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwaresd660_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqca6564awcn6750_firmwareqcm6125_firmwareqcm2290_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sd780gsd865_5gqca6564ausdx24sdx55m_firmwarewcn6856_firmwaresd888sd670_firmwareqca6574wsa8835sd665_firmwarewcd9380sd888_5gsm6250pqcs410qca6574asd690_5g_firmwaresdx50m_firmwareqca6174asm7325psdx24_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwarewcn3980wcn6750qca6335_firmwareqca6574_firmwareqcs605wcd9340_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665wcn3910qca6320wcn6850wsa8815sd_8c_firmwaresd765qca6426_firmwareqca6574a_firmwaresd768g_firmwaresd835wcn3980_firmwaresm7315sd460qca6391sd730sdx55msdxr1_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwarecsrb31024_firmwareqcm4290sdx50msd480_firmwareqcs603wcn6851_firmwareqca6574ausa8155p_firmwaresd710sd_636_firmwaresd670qca6564a_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wsa8810qcs610_firmwarewcn6856sd_8csa6145psd835_firmwareqca6564_firmwaresdxr1sd768gar8031qcs405_firmwaresa8145pwcn6740qca6696sdm630_firmwareqca6391_firmwaresd845_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresdx55sa8155pcsra6640sd675sd845sm7250psdm830sd720g_firmwareqcs410_firmwarear8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1962
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.47%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:36
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint pair and its size in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055wcn3991_firmwaremdm9150_firmwaresd678qca9561sa6150p_firmwaresa8145p_firmwareqcs610fsm10056ar9380qca9563_firmwareqca9561_firmwarefsm10055_firmwareqca9880_firmwareqca9992wcn3950_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwareipq8069_firmwaresa6155sd730_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqca6584au_firmwarewcn3990_firmwareqca9984_firmwarewcn3998wcn3950wcd9326_firmwaresd720gwcn3615_firmwareqca9563wcn3660bqca9982sa8155qca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420qca6584ausa6155p_firmwareipq8065qca9990sa8155_firmwareipq8068wcn3988_firmwareqca6430sa6145p_firmwaresd205sm6250wcd9340sa8195pwsa8810_firmwarequalcomm215_firmwarefsm10056_firmwarewcd9326wcd9335sa6155pqca9982_firmwareqca9888_firmwarewcd9341ipq8068_firmwareqca6696_firmwareqca9898_firmwarewcd9375aqt1000sa8150psm6250_firmwaresda429wsd210qca9992_firmwaresd855_firmwarewcn3620_firmwarewcn3988wsa8815_firmwarewcn3620sa8195p_firmwareqca9898wcn3610qca9882wcn3991sda429w_firmwarewcd9380_firmwarewcn3990sd_675qca9980_firmwareqca6595ar9380_firmwaresdx55m_firmwareqca9558qca9558_firmwareqca9896_firmwareipq8065_firmwareqca6574sd665_firmwarewcd9380qualcomm215qcs410qca6574asdx50m_firmwareqca9889qca9888qca6430_firmwareqca9994_firmwarewcd9335_firmwarewcn3980qca6574_firmwareqca9886qcs605sd855wcd9340_firmwarewsa8815sd665qca9887wcn3660b_firmwarewcn3680qca6574a_firmwareqca9984ipq8064ipq8069wcn3980_firmwaresd730qca6391sdx55mipq8064_firmwareaqt1000_firmwaresd678_firmwarewcn3680_firmwaresdx50mqca9882_firmwareqca9994qca9887_firmwareqca9531qca6574auqca9889_firmwaresa8155p_firmwareqca9980sd205_firmwareqca9880wcd9341_firmwarewsa8810sd210_firmwareqcs610_firmwaremdm9150sa6145pqca9886_firmwareqca6595_firmwaresa8145pqca6696qca6391_firmwarewcd9370_firmwaresa6150psdx55sa8155psd675qca9990_firmwareqca9531_firmwaresd720g_firmwareqcs410_firmwareqca9896Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1961
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-1.93% / 83.42%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:36
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaremdm9150_firmwarewcn3991_firmwaresm7250mdm9640_firmwaresa6150p_firmwaresa8145p_firmwareqcs610wsa8830fsm10056qca8337sm7250_firmwareqca6431_firmwaremdm9650csra6620fsm10055_firmwarewcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwareapq8009_firmwaresa6155sd690_5gwcd9370csra6620_firmwareqcs605_firmwarecsra6640_firmwareqcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377wcn3998sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwarewcn3615_firmwaremdm9206_firmwarewcn3660bsd662sd460_firmwaresa8155qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595ausa6155_firmwaresdx12_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420qca6436_firmwareapq8053_firmwareqca6564au_firmwareqca6584ausa6155p_firmwareqca9367_firmwaresd778gwcn3999qrb5165_firmwaresdxr2_5gqca9367qcs6125sa8155_firmwaresd662_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwaresd205qca6421sd778g_firmwarewcd9340sa8195pwsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwarefsm10056_firmwareqca6436wcd9326wcd9335sa6155pwcn6851qca6174a_firmwarewcd9385wcd9341qca6431qca6696_firmwaresd750gsd870_firmwarear8035qca6390sd_8cxaqt1000sa8150psd750g_firmwarewcd9375msm8953_firmwarewsa8830_firmwaresda429wsd210sd855_firmwaresd865_5g_firmwarewcn3620_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn3620wsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqca6564awcn6750_firmwarewcn3610qcm6125_firmwaremdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwarewcn3990wcd9330msm8996au_firmwaresd780gsd865_5gqca6595qca6564ausdx55m_firmwarewcn6856_firmwarewsa8835qca6574msm8996ausd665_firmwarewcd9380sd888_5gwcn3999_firmwarequalcomm215qcs410qca6574asd690_5g_firmwaremdm9206wcn6855_firmwareqca6174asm7325qca6430_firmwarewcd9335_firmwarewcn3980wcn6750qca6574_firmwareqcs605wcd9340_firmwaresd855wsa8815wcn6850sd665mdm9650_firmwaresd_8c_firmwaresd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwarewcn3980_firmwareapq8009qca6391sd460sdx55mwcd9330_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953ar8031_firmwarewcn3680_firmwareqrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwaresd205_firmwareqca6564a_firmwarewcd9341_firmwareqcm6125sd480sd870wsa8810wcn6855sd210_firmwareqcs610_firmwaremdm9150wcn6856qsm8250sd_8csa6145pwcn3680bsd768gapq8096auar8031qca6595_firmwareqcs405_firmwaresa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psdx55apq8053apq8096au_firmwarecsra6640sa8155psdx12qcs410_firmwarear8035_firmwareqsm8250_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1966
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.47%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of length check of source and destination buffer before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055wcn3991_firmwarewsa8830sm7250sa6150p_firmwaresa8145p_firmwareqcs610fsm10056qca8337sm7250_firmwarecsra6620fsm10055_firmwarewcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwaresa6155sd690_5gwcd9370csra6620_firmwarecsra6640_firmwareqcs6125_firmwarewcn3998sd_8cx_firmwarewcd9385_firmwarewcn3950sa8155qca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3998_firmwarewcn3999_firmwareqca6420sa6155p_firmwarewcn3999qcs6125sa8155_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwarewcd9340sa8195pwsa8810_firmwaresd765gsd765_firmwarefsm10056_firmwarewcn6851wcd9335sa6155pwcd9385wcd9341qca6696_firmwaresd750gsd870_firmwareqca6390ar8035sd_8cxaqt1000sa8150psd750g_firmwarewcd9375wsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqcm6125_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresd865_5gqca6595sdx55m_firmwarewsa8835qca6574sd665_firmwarewcd9380qcs410qca6574asd690_5g_firmwareqca6430_firmwarewcd9335_firmwarewcn3980qca6574_firmwarewcd9340_firmwaresd855wsa8815wcn6850sd665sd_8c_firmwaresd765qca6574a_firmwaresd768g_firmwarewcn3980_firmwareqca6391sdx55maqt1000_firmwarear8031_firmwarewcn6851_firmwareqca6574ausa8155p_firmwarewcd9341_firmwareqcm6125wsa8810sd870qcs610_firmwaresd_8csa6145psd768gar8031qca6595_firmwareqcs405_firmwaresa8145pqca6696qca6391_firmwarewcd9370_firmwaresa6150psdx55sa8155pcsra6640qcs410_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-33226
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.90%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:38
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking the size of input in Core

Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwareqam8255p_firmwarewcn3991wcd9380_firmwarewsa8830wcn785x-5sm8350-ac_firmwaresm8150-acwsa8835wcd9380qca6420_firmwareqca6595au_firmwaresnapdragon_wear_4100\+_platform_firmwaresm8350snapdragon_wear_4100\+_platformwcn685x-5_firmwarewcn685x-1qca6430_firmwaresm8450wcn3980wcn3998wcd9385_firmwaresd855wcn3660bwsa8815wcn3660b_firmwareqca6574au_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwarewcn785x-5_firmwarewcn3980_firmwarewcn3610_firmwareqca6420aqt1000_firmwareqca6698aqsm8350_firmwarewcn685x-5qca6797aq_firmwareqca6430wcn785x-1_firmwareqca6574auwsa8810_firmwarewcd9341_firmwaresm8450_firmwarewsa8810sa8255p_firmwaresm8150-ac_firmwareqca6698aq_firmwarewcn3680bsm8350-acwcn685x-1_firmwarewcd9385sm8150_firmwaresa8255pwcd9341qca6797aqaqt1000wsa8830_firmwaresd855_firmwaresm8150wcn785x-1wsa8815_firmwarewsa8835_firmwareqam8255pwcn3610Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-0115
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.28% / 51.39%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aNetApp, Inc.Intel Corporation
Product-core_i7-6870hqxeon_e-2286gatom_c3950core_i3-9100ecore_i3-10100xeon_silver_4109tcore_i3-7300core_i5-1038ng7core_i5-11400core_i9-7900xcore_i7-10510yxeon_d-1548xeon_bronze_3106xeon_platinum_8260yxeon_d-1633nxeon_d-1653nxeon_platinum_8153xeon_e-2246gcore_i5-6350hqcore_i9-9960xcore_i3-6300txeon_e-2374gxeon_gold_5218txeon_w-2123core_i5-11260hxeon_e-2236xeon_gold_5218nxeon_w-1270exeon_d-1531core_i5-6500tcore_i5-7500core_i5-6260uxeon_e-2278gecore_i5-7440hqxeon_platinum_8156core_i7-8709gatom_c3758xeon_d-2177ntxeon_gold_6142fxeon_silver_4214ycore_i9-11900kfxeon_w-10855mxeon_gold_6230txeon_silver_4210rxeon_w-1270xeon_w-3235core_i9-10900txeon_e-2126gcore_i5-8200ycore_i7-10700tecore_i9-10900kxeon_gold_5220rcore_i5-8260ucore_i5-11400fxeon_w-11955mcore_i5-10400txeon_w-1290ecore_i7-1185g7core_i7-9700kfcore_i9-10900xxeon_platinum_9221xeon_d-2142itcore_m7-6y75xeon_w-3335core_i9-11900kcore_i5-10500hxeon_w-11555mrecore_i5-10600kfxeon_e-2146gcore_i3-1005g1core_i7-1068ng7xeon_silver_4112xeon_gold_6140xeon_d-1637core_i5-9400fcore_i3-10100ecore_i7-6800kcore_i7-7560uatom_c3538core_i7-9700txeon_gold_5120xeon_gold_6238core_i5-11600kfcore_i5-7600tcore_i7-4820kxeon_d-1602core_i5-8365uatom_c3508xeon_w-2245core_i5-9600kfxeon_d-2145ntxeon_platinum_8256xeon_gold_6130fxeon_e-2276mxeon_e-2224gcore_i5-8269uxeon_d-2163itcore_i3-1120g4core_i7-3930kcore_i5-11400hcore_i9-11900hxeon_d-1623ncore_i7-1185g7ecore_i7-10810ucore_i3-10300txeon_d-1521core_i3-8100core_i3-8145uecore_i5-1130g7core_i9-11900core_i5-6585rcore_i5-9600kxeon_gold_6144core_i5-8265ucore_i7-10700tcore_i9-9900kfcore_i3-7100core_m5-6y54core_i5-6300hqxeon_gold_5118core_i5-1145g7core_i5-9300hcore_i5-10500ecore_i7-10750hcore_i9-10850kxeon_silver_4114tcore_i5-8500bxeon_d-2143itxeon_silver_4209txeon_e-2226gexeon_gold_6212ucore_i5-6600core_i3-8100hcore_i7-8706gcore_i3-6300core_i9-11900fxeon_silver_4215xeon_gold_6230ncore_i9-10920xcore_i9-11950hatom_c3750xeon_gold_6138pcore_i7-1195g7core_i5-10310ucore_i9-10885hcore_i7-8557ucore_i5-7440eqcore_i3-6320xeon_e-2386gcore_i7-1165g7core_m3-7y32core_i7-11850hexeon_e-2134xeon_w-1290tecore_i5-1145g7ecore_i5-6440eqcore_i5-1030g7core_i9-10980hkxeon_e-2176mxeon_w-11155mlexeon_gold_6130xeon_silver_4210txeon_e-2274gxeon_gold_6136core_i5-6287ucore_i7-8500yxeon_w-3323core_i5-9600tatom_c3558rcore_i9-7960xxeon_w-1370atom_c3808core_i5-9600xeon_d-1559xeon_gold_6134xeon_w-3375xeon_e-2174gcore_i5-8600txeon_d-1537xeon_gold_5218bxeon_gold_6128core_i7-1180g7xeon_e-2176gxeon_e-2288gcore_i3-6100hcore_i7-7500uxeon_gold_6146xeon_w-1370pxeon_gold_6254core_i3-10320xeon_gold_5218rcore_i3-10105fxeon_w-2235core_i3-6098pcore_i5-6400xeon_d-1649nxeon_w-3175xcore_i7-10875hxeon_w-3225core_i3-7101tecore_i7-7700xeon_d-1540core_i3-11100hecore_i5-10400hxeon_gold_6246rcore_i5-7300hqxeon_d-1513nxeon_w-10885mxeon_gold_6126xeon_d-1527core_i9-9940xcore_i9-9900xcore_i5-6600kcore_i9-7940xcore_i7-9700exeon_e-2254mecore_i7-9700tecore_i7-6700txeon_gold_6248rxeon_silver_4214xeon_w-2125xeon_platinum_9222core_i3-10105tcore_i5-11300hcore_i5-6500texeon_gold_5220sxeon_platinum_8260core_i5-6500core_i3-1000g4core_i3-9100hlcore_i9-10900kfcore_i3-10100tatom_c3858xeon_d-2146ntxeon_e-2144gcore_i9-9980hkxeon_w-11555mlecore_i5-11500hexeon_e-2244gcore_i3-7100tcore_i3-6102exeon_w-1390txeon_silver_4216core_i5-1140g7core_i7-11700kfcore_i7-10610ucore_i7-6770hqxeon_platinum_8180xeon_platinum_8276lxeon_gold_6138tcore_i7-7740xcore_i7-11375hcore_i7-7y75core_i7-8559ucore_i5-9500eatom_c3850core_i5-11500txeon_e-2124gcore_i7-4930kcore_i5-9400core_i7-4960xcore_i7-5960xcore_i7-6600uxeon_gold_6138core_i7-1185grecore_i3-10325xeon_gold_6138fxeon_e-2356gcore_i7-8700xeon_d-1557core_i3-7130ucore_i5-8400atom_c3436lxeon_w-3245mxeon_e-2334core_i7\+8700core_i7-9850hatom_c3708xeon_w-1350core_i5-7600core_i9-10980xecore_i7-6500ucore_i5-1035g1xeon_w-11865mlecore_i7-11850hxeon_w-1290xeon_e-2186gxeon_silver_4210core_i3-10110uxeon_gold_6234atom_c3336core_i7-4930mxxeon_w-1350pcore_i9-10900xeon_w-1250core_i5-9400tcore_i5-7360ucore_i5-7300ucore_i7-11800hcore_i3-10300core_i5-6600tcore_i7-8565uxeon_gold_6154xeon_silver_4110core_i7-7700katom_c3830xeon_platinum_8176core_i7-10870hcore_i3-10100fcore_i7-10510uxeon_bronze_3104xeon_w-1290pcore_i5-8310yxeon_gold_5217core_i5-6440hqcore_i7-6850kxeon_gold_5120txeon_e-2324gxeon_w-3245core_i7-6660ucore_i9-7980xecore_i3-6100exeon_gold_6210ucore_i5-7200uxeon_gold_5115core_i7-9700fxeon_w-3345core_i5-10210ucore_i7-6820hqxeon_d-1528xeon_w-2295xeon_e-2234core_i3-9100tcore_i5-10500core_i5-8400bcore_i3-7100hcore_i7-8850hxeon_gold_5215core_i3-6100ucore_i9-9900kscore_i9-7920xxeon_w-11865mrecore_i5-11600kcore_i9-10900tecore_i9-8950hkcore_i5-6360ucore_i3-6157ucore_i5-9500fcore_i3-10100yxeon_e-2378core_i7-7820xcore_i3-1115g4ecore_i5-10600tcore_i5-7640xcore_i7-7800xxeon_w-3275mxeon_gold_6250lcore_i5-9400hxeon_gold_6209ucore_i9-9920xxeon_platinum_8253xeon_gold_6252ncore_i7-7660ucore_i3-9320xeon_platinum_8158core_i7-7700hqatom_c3308xeon_platinum_8280core_i5-6402pcore_m3-7y30xeon_w-11155mrexeon_gold_6252xeon_w-2135core_i3-10105core_i5-11400tcore_i7-11700kcore_i7-4940mxcore_i7-8550uxeon_e-2276mlxeon_gold_6246xeon_silver_4214rcore_i9-10940xcore_i7-9700core_i7-6700hqcore_i3-8300core_i7-9850hexeon_gold_6230rcore_i7-10700kfcore_i5-8400tcore_i5-7500txeon_d-2187ntxeon_silver_4116tcore_i7-1065g7xeon_d-1518core_i7-9800xxeon_silver_4208core_i5-6267ucore_i3-1000g1xeon_gold_6126txeon_w-2225xeon_silver_4116xeon_e-2276mecore_i5-7y54xeon_w-1250ecore_i5-7400core_i7-6950xfas\/aff_biosxeon_platinum_8160fxeon_platinum_8164core_i7-6567uxeon_platinum_8176fxeon_gold_5215lcore_i5-7287uxeon_platinum_8168core_i7-3970xcore_i7-3960xcore_i7-11600hcore_i7-7920hqcore_i7-10700core_i5-1145grecore_i3-7020uxeon_d-1533nxeon_gold_6240lxeon_w-3265mxeon_gold_6248core_i5-1135g7xeon_w-2195xeon_e-2136core_i5-9300hfxeon_w-1270pcore_i3-1115g4xeon_gold_6258rxeon_platinum_9282core_i3-8145ucore_i3-9300core_i5-10400xeon_d-2173itxeon_d-2161icore_i7-7567uxeon_w-1250pcore_i7-8700kcore_i5-1155g7core_i3-9300tcore_i7-7820hqcore_i7-7820eqcore_i7-9700kxeon_d-2123itxeon_platinum_8160tcore_i3-8109ucore_i5-8365uexeon_gold_6142core_i3-1110g4xeon_bronze_3206rxeon_gold_6148core_i7-3820xeon_w-3275xeon_gold_6240core_i3-7320core_i7-10700ecore_i5-8350ucore_i7-3940xmxeon_gold_5220xeon_gold_6126fcore_i3-10100tecore_m5-6y57xeon_e-2388gcore_i7-11390hxeon_platinum_8268xeon_e-2226gcore_i5-7y57core_i7-6700texeon_gold_6240rcore_i7-3920xmcore_i5-7260uxeon_e-2278gxeon_silver_4215rcore_i9-10900ecore_i3-9100core_i7-9750hxeon_e-2124core_i5-8250ucore_i5-8600core_i9-11980hkxeon_w-3265core_i5-10500tecore_i5-11500core_i3-6100tecore_i7-11700xeon_platinum_8160xeon_gold_5119tcore_i7-8700bcore_i5-10500txeon_gold_6148fcore_i5-10600core_i5-10310yxeon_w-1250texeon_gold_6208ucore_i3-9100teatom_c3338core_i5-8259uxeon_gold_6242core_i7-10700kxeon_e-2336xeon_d-1627xeon_e-2186mxeon_e-2286mcore_i9-9880hcore_i7-6650ucore_i7-11370hcore_i5-7442eqcore_i7-8665uecore_i3-8130ucore_i3-7167ucore_i3-8300tcore_i5-11500hcore_i5-1035g4core_i5-11600tcore_i7-8650ucore_i5-10200hcore_i9-9900kcore_i7-8705gxeon_platinum_8276xeon_d-1529xeon_gold_5220tcore_i7-5930kcore_i5-10400fcore_i7-1160g7core_i7-7600uxeon_gold_6244xeon_gold_6242rcore_i3-7100exeon_w-2275xeon_w-2265core_i5-9500xeon_gold_6226rcore_i3-7101ecore_i9-9900xeon_bronze_3204core_i9-9820xxeon_d-1567xeon_w-3365core_i7-9850hlcore_i5-8400hcore_i5-6300ucore_m3-6y30core_i7-9750hfxeon_d-2141ixeon_w-2175xeon_silver_4108core_i3-10110ycore_i5-1035g7core_i7-7820hkxeon_e-2254mlxeon_w-11855mcore_i5-8305gcore_i3-6100xeon_gold_6240ycore_i3-9350kxeon_gold_6238lxeon_w-1390cloud_backupcore_i3-1115grecore_i5-11600core_i5-7400tcore_i7-11700fcore_i3-6100tcore_i7-8750hcore_i7-8665ucore_i3-10305txeon_d-2183itcore_i5-8300hcore_i3-8140ucore_i3-8350kcore_i5-10600kcore_i7-8086kxeon_gold_5222core_i7-10850hxeon_d-1523nxeon_gold_6256core_i5-9500teatom_c3958xeon_gold_6130tatom_c3338rxeon_d-1520core_i3-8100bcore_i3-6167ucore_i5-8279uxeon_platinum_8280lcore_m3-8100ycore_i5-7267ucore_i5-8600kcore_i3-7100uxeon_d-1543ncore_i5-6442eqcore_i7-8700txeon_silver_4114xeon_d-1541core_i7-11700txeon_d-1622xeon_platinum_9242core_i7-6700kcore_i7-6970hqxeon_w-2223core_i7-6822eqcore_i3-7300txeon_gold_6238tatom_c3955core_i5-8500core_i9-11900tcore_i5-8210ycore_i7-6785rcore_i7-6560ucore_i7-1060g7core_i5-8257ucore_i7-8569ucore_i7-5820kcore_i9-9900tcore_i7-6900kcore_i7-7700tcore_i9-9980xeatom_c3558core_i5-6685rxeon_w-2133xeon_gold_6250core_i3-9350kfxeon_platinum_8260lxeon_platinum_8270xeon_w-1290tcore_i5-8500tcore_i7-8809gxeon_gold_6226core_i5-11320hxeon_d-1577xeon_gold_6132xeon_e-2314core_i5-6400tcore_i3-10305xeon_d-2166ntcore_i3-7350kxeon_w-1390pcore_i5-10505xeon_d-1539core_i7-6700core_i7-6820eqcore_i7-6920hqcore_i5-7600kcore_i7-6820hkxeon_w-2255xeon_gold_6262vcore_i3-6006ucore_i7-10710ucore_i5-10210ycore_i5-10300hxeon_w-1270texeon_e-2224xeon_gold_5218xeon_w-2145xeon_gold_6238rcore_i3-9100fxeon_platinum_8170core_i9-10900fcore_i3-1125g4xeon_e-2278gelxeon_d-1553ncore_i5-1030g4xeon_e-2378gcore_i3-8100tcore_i5-9500txeon_w-3223xeon_w-2155xeon_gold_6152core_i3-7102exeon_gold_6150xeon_e-2276gcore_i5-6200uxeon_gold_6222vcore_i7-10700fxeon_d-1571xeon_gold_5122atom_c3758rxeon_gold_6230Intel(R) Processors
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-33230
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.26%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:38
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking the size of input in FM Host

Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresm6375wcn3991wsa8830sa6150p_firmwaresa8145p_firmwaresw5100pqca6554asnapdragon_w5\+_gen_1_wearable_platformqca6595qca6564auwsa8835qca6574sa8150p_firmwareqca6420_firmwareqca6595au_firmwaresnapdragon_wear_4100\+_platform_firmwarewcd9370qca6574asnapdragon_wear_4100\+_platformqca6584au_firmwareqca6430_firmwarewcn3980sm4375wcn3998qca6554a_firmwarewcd9385_firmwareqca6574_firmwaresm6375_firmwarewcn3660bsd855wsa8815wcn3660b_firmwareqca6574a_firmwareqca6574au_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwarewcd9375_firmwarewcn3980_firmwarewcn3610_firmwareqca6420sm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwareaqt1000_firmwareqca6564au_firmwareqca6584ausa6155p_firmwarewcn3988_firmwareqca6430qca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresm4375_firmwaresw5100wsa8810sa6155psw5100p_firmwaresa6145pwcn3680bwcd9385sm8150_firmwarewcd9341qca6696_firmwareqca6595_firmwaresa8145pqca6696sm4350wcd9375sm4350_firmwareaqt1000sa8150pwcd9370_firmwaresm4350-ac_firmwaresa6150psa8155pwsa8830_firmwaresd855_firmwaresm8150wcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwarewcn3610Snapdragonaqt1000_firmwareqca6564au_firmwaresa6155p_firmwaresa6150p_firmwaresa8145p_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwarewsa8810_firmwaresa8150p_firmwarewcd9341_firmwareqca6420_firmwareqca6595au_firmwaresw5100p_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqca6696_firmwareqca6430_firmwareqca6595_firmwareqca6554a_firmwarewcd9385_firmwaresnapdragon_855_mobile_platform_firmwareqca6574_firmwarewcd9370_firmwarewsa8830_firmwaresd855_firmwarewsa8815_firmwarewcn3660b_firmwarewsa8835_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwaresa8195p_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcn3680b_firmwaresw5100_firmwarewcd9375_firmwarewcn3980_firmwarewcn3610_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8710
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 23.52%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:31
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the bootloader for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-30784
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.66%
||
7 Day CHG~0.00%
Published-26 May, 2022 | 00:00
Updated-02 Dec, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22.

Action-Not Available
Vendor-tuxeran/aFedora ProjectDebian GNU/Linux
Product-debian_linuxntfs-3gfedoran/a
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-25712
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 28.22%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in camera due to buffer copy without checking size of input in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwarewcd9340_firmwareqca6310qualcomm215_firmwarewsa8835mdm9150_firmwaresdx55msd855_firmwarewcn3998wcn6850_firmwarewsa8810_firmwarewsa8815_firmwarewcn3610_firmwareqca6436qca6426_firmwarewcn3660bwcn3660b_firmwaresd710_firmwareqcs410_firmwaresd205_firmwarewsa8810sdxr1sd210wcd9341_firmwarewsa8830sw5100p_firmwarewsa8815qca6390sda429w_firmwarewcn3680baqt1000_firmwarewsa8835_firmwareqca6430sw5100sd855qca6391wcn3998_firmwarewcd9340wcn6850wcn6851wcn3950wcd9370_firmwaresdxr2_5g_firmwareqca6420_firmwaresda429wqcc5100_firmwaresd210_firmwarewsa8830_firmwarewcn3680b_firmwaresdxr2_5gsd865_5g_firmwarewcd9341wcn3980_firmwarewcn6851_firmwarewcd9326qcs610qcs610_firmwarequalcomm215qca6391_firmwaresd205wcd9326_firmwareqcc5100wcd9380wcn3610qca6335sw5100_firmwareqca6430_firmwaresd865_5gqca6426sd870qca6335_firmwaresdx55m_firmwareaqt1000wcn3990_firmwarewcn3950_firmwarewcn3988mdm9150qca6390_firmwareqca6420wcn3988_firmwareqca6310_firmwaresd710sd870_firmwaresw5100psd845_firmwaresdxr1_firmwareqca6436_firmwaresd845wcd9370qcs410wcn3990wcn3980Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-6564
Matching Score-4
Assigner-Automotive Security Research Group (ASRG)
ShareView Details
Matching Score-4
Assigner-Automotive Security Research Group (ASRG)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.96%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:18
Updated-22 Aug, 2024 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer overflow in Rensas RCAR

Buffer overflow in "rcar_dev_init" due to using due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. This could lead to a full bypass of secure boot.

Action-Not Available
Vendor-renesasRenesasrenesas
Product-arm-trusted-firmwarercar_gen3_v2.5rcar_gen3_v2.5
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-6563
Matching Score-4
Assigner-Automotive Security Research Group (ASRG)
ShareView Details
Matching Score-4
Assigner-Automotive Security Research Group (ASRG)
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.10%
||
7 Day CHG~0.00%
Published-08 Jul, 2024 | 15:09
Updated-22 Aug, 2024 | 15:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Overflow Arbitrary Write

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/i... https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/io_rcar.C . In line 313 "addr_loaded_cnt" is checked not to be "CHECK_IMAGE_AREA_CNT" (5) or larger, this check does not halt the function. Immediately after (line 317) there will be an overflow in the buffer and the value of "dst" will be written to the area immediately after the buffer, which is "addr_loaded_cnt". This will allow an attacker to freely control the value of "addr_loaded_cnt" and thus control the destination of the write immediately after (line 318). The write in line 318 will then be fully controlled by said attacker, with whichever address and whichever value ("len") they desire.

Action-Not Available
Vendor-renesasRenesasrenesas
Product-arm-trusted-firmwarercar_gen3_v2.5rcar_gen3_firmware
CWE ID-CWE-123
Write-what-where Condition
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24910
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.2||HIGH
EPSS-3.13% / 86.87%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 17:01
Updated-15 Apr, 2025 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.

Action-Not Available
Vendor-InHand Networks, Inc.
Product-ir302_firmwareir302InRouter302
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-23431
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-6.4||MEDIUM
EPSS-0.02% / 4.75%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 17:40
Updated-03 Aug, 2024 | 03:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.

Action-Not Available
Vendor-Google LLCSamsungSamsung Electronics
Product-androidexynosSamsung Mobile Devices with Exynos chipsets
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-42757
Matching Score-4
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-4
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.07% / 22.17%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 11:01
Updated-16 Oct, 2025 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortivoicefortianalyzerfortiwebfortiportalfortiproxyfortimanagerfortiswitchfortirecorder_firmwarefortios-6k7kfortiadcfortiosfortindrfortimailFortiManagerFortiRecorderFortiPortalFortiSwitchFortiADCFortiVoiceFortiDDoS-FFortiDDoSFortiNDRFortiMailFortiAnalyzerFortiOSFortiProxyFortiWeb
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found